Use case: Create an alert with an outgoing webhook

This guide demonstrates how to create an alert that sends notifications through an outgoing webhook (e.g., Slack) using the REST API. The flow involves:

Creating a webhook integration
Testing the webhook
Listing webhooks to retrieve integrationId
Creating the alert definition

Steps

Create a webhook integration

POST /v1/outgoing-webhooks

Create a new webhook integration to send notifications to Slack. The current webhook configuration enables notifications about error and critical logs, spike anomalies, and data usage. The alert message is also configured to include a snapshot of metric data.

Field	Description
`type`	Integration type (e.g.,`2` = Slack)
`url`	Webhook destination URL
`digests`	Events that trigger notifications
`attachments`	Metric snapshots

Supported webhook types

Value	Name	Description
0	`UNKNOWN`	Default or undefined
1	`GENERIC`	Generic webhook
2	`SLACK`	Slack integration
3	`PAGERDUTY`	PagerDuty integration
4	`SEND_LOG`	Log forwarding webhook
5	`EMAIL_GROUP`	Email group notification
6	`MICROSOFT_TEAMS`	Microsoft Teams
7	`JIRA`	Jira integration
8	`OPSGENIE`	Opsgenie integration
9	`DEMISTO`	Demisto
10	`AWS_EVENT_BRIDGE`	AWS EventBridge
11	`IBM_EVENT_NOTIFICATIONS`	IBM Event Notifications
12	`MS_TEAMS_WORKFLOW`	MS Teams workflow app

Request body

{
    "data": {
        "type": 2, // SLACK
        "name": "SlackWebhook",
        "url": "https://hooks.slack.com/services/T2KG0NT2T/A05JJ8MG3FV/PHWHCuXXqFDnWA5ndsCJWRRB",
        "config": {
            "$case": "slack",
            "slack": {
                "digests": [
                    {
                        "type": 1, // ERROR_AND_CRITICAL_LOGS
                        "isActive": true
                    },
                    {
                        "type": 3, // SPIKE_ANOMALIES
                        "isActive": true
                    },
                    {
                        "type": 4, // DATA_USAGE
                        "isActive": true
                    }
                ],
                "attachments": [
                    {
                        "type": 1, // METRIC_SNAPSHOT
                        "isActive": true
                    }
                ]
            }
        }
    }
}

Test outgoing webhook

POST /v1/outgoing-webhooks/test

To validate the webhook configuration, send a test request.

Request body

Same as the create payload above.

Successful response

{
    "result": {
        "$case": "success",
        "success": {}
    }
}

Retrieve webhook integration ID

GET /v1/outgoing-webhooks/all

Use the List Outgoing Webhooks API to retrieve the list of available integrations. From the response, extract the externalId of the webhook you just created—this will be used as integrationId in the alert definition.

Sample response

{
  "deployed": [
    {
      "id": "n8F2B116-d401-49a3-ag79-3f9a66ff4b2a",
      "type": "AWS_EVENT_BRIDGE",
      "name": "EventBridge-Alerts",
      "createdAt": "2024-02-21T18:01:36.690012Z",
      "updatedAt": "2024-05-22T07:54:19.753346Z",
      "externalId": 13490
    },
    {
      "id": "0ac29499-4b1b-42bj-a249-97204c136f6e",
      "type": "EMAIL_GROUP",
      "name": "Alert_Email_Group",
      "createdAt": "2022-01-11T12:10:12Z",
      "updatedAt": "2022-07-28T09:35:07Z",
      "externalId": 3722
    }
  ]
}

Create an alert with the webhook

POST /v3/alert-defs

Now that you have the integrationId, you can define an alert and specify the webhook as a notification destination.

{
    "alertDefProperties": {
        "deleted": false,
        "enabled": true,
        "phantomMode": false,
        "groupByKeys": [],
        "name": "Logs Threshold Alert",
        "description": "",
        "priority": 0,
        "type": 1, // ALERT_DEF_TYPE_LOGS_THRESHOLD
        "incidentsSettings": {
            "notifyOn": 0,
            "retriggeringPeriod": {
                "$case": "minutes",
                "minutes": 5
            }
        },
        "notificationGroup": {
            "groupByKeys": [],
            "webhooks": [
                {
                    "integration": {
                        "integrationType": {
                            "$case": "integrationId",
                            "integrationId": 172196
                        }
                    }
                }
            ],
            "destinations": []
        },
        "notificationGroupExcess": [],
        "entityLabels": {},
        "typeDefinition": {
            "$case": "logsThreshold",
            "logsThreshold": {
                "notificationPayloadFilter": [],
                "logsFilter": {
                    "filterType": {
                        "$case": "simpleFilter",
                        "simpleFilter": {
                            "luceneQuery": "",
                            "labelFilters": {
                                "applicationName": [
                                    {
                                        "value": "aws-lambda",
                                        "operation": 0
                                    }
                                ],
                                "subsystemName": [],
                                "severities": []
                            }
                        }
                    }
                },
                "rules": [
                    {
                        "condition": {
                            "threshold": 1,
                            "conditionType": 0,
                            "timeWindow": {
                                "type": {
                                    "$case": "logsTimeWindowSpecificValue",
                                    "logsTimeWindowSpecificValue": 0
                                }
                            }
                        },
                        "override": {
                            "priority": 0
                        }
                    }
                ],
                "evaluationDelayMs": null
            }
        }
    }
}

Summary

Create webhook	`POST /api/integrations/webhook`	Define the outgoing integration
Test webhook	`POST /api/integrations/webhook/test`	Optional but recommended
Get webhook ID	`GET /api/integrations/webhook`	Extract `externalId`
Create alert	`POST /api/alerts`	Attach webhook using `integrationId`

​Use case: Create an alert with an outgoing webhook

​Steps

​Supported webhook types

​Request body

​Request body

​Successful response

​Summary

Use case: Create an alert with an outgoing webhook

Steps

Supported webhook types

Request body

Request body

Successful response

Summary