Adding webhook integrations

A webhook is a mechanism that allows Kaspersky Container Security to monitor changes and send you a notification when a certain event occurs. Webhooks involve using HTTP messages to initiate certain actions in another solution.

To add a webhook integration:

Under Administration → Integrations → Notifications, on the Webhooks tab, click Add integration.
The integration settings window opens.
Specify a name for the integration that will be displayed in the response policy settings.
In the URL field, enter the full URL to which Kaspersky Container Security will send notifications (for example, https://company.com/v3/notifications/notcompliant). You can also specify the recipient of the notification in the following format: <IP address>:<port> (for example, 127.0.0.1:2193).
If necessary, select the Number of requests per second check box to enable the limit and enter the number of notifications that the solution can send per second. If the maximum number of notifications is exceeded, the solution queues messages to be sent in the next period (second), but such messages have a lower priority than newer messages.
The default setting is 150 requests per second.
Select one of the following authorization methods by clicking the corresponding button:
- Open access.
- Basic means authorization with a user name and password.
- HMAC means authorization with a hash algorithm, header, and secret.
- API token means authorization with a header and API token value.
Specify the authorization credentials depending on the selected authorization method.
If necessary, edit the request body in the Data in .JSON field. By default, the solution displays the following request body:
{

"response_policy_name": $$response_policy_name$$,

"image_name": $$image_name$$,

"registry_name": $$registry_name$$,

"compliance_verdict": $$compliance_verdict$$,

"malware_count": $$malware_count$$,

"sensitive_data_count": $$sensitive_data_count$$,

"misconfigurations_count":$$misconfigurations_count$$,

"vulnerabilities_count": $$vulnerabilities_count$$,

"total_critical": $$total_critical$$,

"total_high": $$total_high$$,

"total_medium": $$total_medium$$

}

You can delete or duplicate the lines in the request:
- $$response_policy_name$$ is the name of the triggered response policy.
- $$image_name$$ is the name of the target image.
- $$registry_name$$ is the name of the image registry integration.
- $$compliance_verdict$$ is the security policy compliance status (Compliant or Non-compliant).
- $$malware_count$$ is the number of objects with malware found.
- $$sensitive_data_count$$ is the number of sensitive data found.
- $$misconfigurations_count$$ is the number of misconfigurations found.
- $$vulnerabilities_count$$ is the number of vulnerabilities found.
- $$total_critical$$ is the number of vulnerabilities with the Critical severity found.
- $$total_high$$ is the number of vulnerabilities with the High severity found.
- $$total_medium$$ is the number of vulnerabilities with the Medium severity level.
The request body must comply with the JSON format. Values in the lines of the request must be specified as $$example$$.
Click Test connection to see if a connection with the webhook can be established.
Click Add to save the webhook integration settings.

You can use the configured integration in response policies.

Page top