REST Resource: projects.locations.instances.webhooks

Resource: Webhook

This service is available for customers who migrated SOAR to a customer managed project and have the Chronicle API enabled. Model represents the webhook definition.

JSON representation 
{
  "name": string,
  "displayName": string,
  "description": string,
  "environment": string,
  "enabled": boolean,
  "jsonExampleData": string,
  "webhookMapping": {
    object (WebhookMapping)
  },
  "postfix": string
}
Fields
name

string

Identifier. Guid of the webhook
displayName

string

Required. Display name of the webhook.
description

string

Required. Description of the webhook
environment

string

Required. The default environment where the webhook will be ingested if no specific environment is provided.
enabled

boolean

Required. Flag that indicates if the webhook is enabled or not.
jsonExampleData

string

Optional. Json example data that will be used for mapping.
webhookMapping

object (WebhookMapping)

Optional. Mapping rules of the webhook.
postfix

string

Optional. Postfix of the webhook.

WebhookMapping

Configuration mapping rules that holds for each field - a rule, a string format used to tell the backend where which field and how, to extract the value off the received webhook request when it will arrive.

JSON representation 
{
  "webhookInstanceId": string,
  "ticketId": string,
  "sourceSystem": string,
  "mappingName": string,
  "deviceVendor": string,
  "ruleGenerator": string,
  "startTime": string,
  "environment": string,
  "description": string,
  "displayId": string,
  "reason": string,
  "deviceProduct": string,
  "endTime": string,
  "priority": string,
  "eventsList": string,
  "eventProduct": string,
  "event": string
}
Fields
webhookInstanceId

string

Optional. the webhook instance identifier, must be added for foreign key detection with the infra with the infra
ticketId

string

Optional. Mapping rule of the ticket id field.
sourceSystem

string

Required. Mapping rule of the source systemfield.
mappingName

string

Optional. Mapping rule of the name field.
deviceVendor

string

Required. Mapping rule of the device vendor field.
ruleGenerator

string

Optional. Mapping rule of the rule generator field.
startTime

string

Optional. Mapping rule of the start time field.
environment

string

Optional. Mapping rule of the environment field.
description

string

Optional. Mapping rule of the description field.
displayId

string

Optional. Mapping rule of the display id field.
reason

string

Optional. Mapping rule of the reason field.
deviceProduct

string

Optional. Mapping rule of the device product field.
endTime

string

Optional. Mapping rule of the end time field.
priority

string

Optional. Mapping rule of the priority field.
eventsList

string

Optional. Mapping rule of the events list field.
eventProduct

string

Optional. Mapping rule of the event product field.
event

string

Optional. Mapping rule of the event name field.

Methods

create

 Create a SOAR webhook configuration.

delete

 Delete a webhook.

exportLogs

 Exports logs for a given webhook.

get

 Get a single webhook.

getLogs

 Get a log for a given webhook.

getStatistics

 Get statistics for a given webhook.

ingest

 Ingest data for a given webhook.

list

 Lists existing SOAR webhooks.

patch

 Update a webhook.

revokeUrl

 RevokeUrl revokes a previously registered webhook URL, invalidating it and preventing further access.