If you use webhooks as your alerts notification channel, you can use the default values. You can also customize the payload in the POST message for further integration into your system.
Define webhooks
When defining JSON webhooks, use the format "name":"value",. For example:
"current_state":"acknowledged",
When defining static webhook variables in a form payload, use the format name="value". For example:
current_state="acknowledged"
Do not include any custom, self-signed SSL certificates in your webhook. Our agents enable SSL by default. Due to our security policy, custom SSL certificates will not be imported into our Trust store.
Webhook values
We support these default dynamic webhook values. For your convenience, they are listed in alphabetical order, but you can define your webhook values in any order. You may also add custom variables by using your own key/value pairs.
| Key | Variable |
|---|---|
"account_id" |
Possible values: New Relic account ID (string) |
"account_name" |
Possible values: New Relic account name (string) |
"closed_violations_count_critical" |
|
"closed_violations_count_warning" |
|
"condition_id" |
|
"condition_description" |
This includes the description field from the alert condition, if there is one. |
"condition_name" |
Possible values: (user-defined string) |
"current_state" |
Possible values: |
"details" |
|
"duration" |
|
"event_type" |
Possible values: [ |
"incident_acknowledge_url" |
$INCIDENT_ACKNOWLEDGE_URL |
"incident_id" |
$INCIDENT_ID |
"incident_url" |
$INCIDENT_URL |
"metadata" |
Currently used only for Synthetic monitoring multi-location failure conditions. |
"open_violations_count_critical" |
|
"open_violations_count_warning" |
|
"owner" |
$EVENT_OWNER |
"policy_name" |
Possible values: (user-defined string) |
"policy_url" |
$POLICY_URL |
"runbook_url" |
$RUNBOOK_URL |
"severity" |
Possible values: [ |
"targets" |
The For static NRQL faceted alerts, the name of the facet that triggered the alert will be populated in the target’s name field. For a description of the available fields, see Target values. |
"timestamp" |
$TIMESTAMP |
"version" |
$VERSION |
"violation_callback_url" |
|
"violation_chart_url" |
$VIOLATION_CHART_URL |
Targets values
This section describes the $TARGETS field in your webhook. This data is not customizable and is provided here for reference. Your $TARGETS contain a list of zero or more targets (entities). Each target is described by a JSON object with the following fields.
| Key | Variable |
|---|---|
"id" |
ID of the target or entity |
"name" |
Name of the target or entity |
"labels" |
Combined entity tags and NRQL facets that are derived from the condition evaluation and available entity tags. |
"link" |
URL link to this target or entity. |
"product" |
Type of product for this target or entity; for example, |
"type" |
Type of target or entity under |
Webhook format example
The following examples show a webhook payload using both the default dynamic variables and a custom variable. You can use some or all of the dynamic variables, along with any custom variables, to define your own payload.
- JSON webhook example
-
The following webhook example has extra spaces and line breaks for readability. Actual webhook responses are delivered as one continuous line of text.
{ "account_id": "$ACCOUNT_ID", "account_name": "$ACCOUNT_NAME", "closed_violations_count_critical": "$CLOSED_VIOLATIONS_COUNT_CRITICAL", "closed_violations_count_warning": "$CLOSED_VIOLATIONS_COUNT_WARNING", "condition_family_id": "$CONDITION_FAMILY_ID", "condition_id": "$CONDITION_ID", "condition_name": "$CONDITION_NAME", "current_state": "$EVENT_STATE", "details": "$EVENT_DETAILS", "duration": "$DURATION", "event_type": "$EVENT_TYPE", "incident_acknowledge_url": "$INCIDENT_ACKNOWLEDGE_URL", "incident_id": "$INCIDENT_ID", "incident_url": "$INCIDENT_URL", "open_violations_count_critical": "$OPEN_VIOLATIONS_COUNT_CRITICAL", "open_violations_count_warning": "$OPEN_VIOLATIONS_COUNT_WARNING", "owner": "$EVENT_OWNER", "policy_name": "$POLICY_NAME", "policy_url": "$POLICY_URL", "runbook_url": "$RUNBOOK_URL", "severity": "$SEVERITY", "targets": "$TARGETS", "timestamp": "$TIMESTAMP", "violation_callback_url": "$VIOLATION_CALLBACK_URL", "violation_chart_url": "$VIOLATION_CHART_URL", "team": "DevOps" <--[example of custom variable] } - Form webhook example
-
The following webhook example has extra spaces and line breaks for readability. Actual webhook responses are delivered as one continuous line of text.
account_id=$ACCOUNT_ID account_name=$ACCOUNT_NAME closed_violations_count_critical=$CLOSED_VIOLATIONS_COUNT_CRITICAL closed_violations_count_warning=$CLOSED_VIOLATIONS_COUNT_WARNING condition_family_id=$CONDITION_FAMILY_ID condition_id=$CONDITION_ID condition_name=$CONDITION_NAME current_state=$EVENT_STATE details=$EVENT_DETAILS duration=$DURATION event_type=$EVENT_TYPE incident_acknowledge_url=$INCIDENT_ACKNOWLEDGE_URL incident_id=$INCIDENT_ID incident_url=$INCIDENT_URL open_violations_count_critical=$OPEN_VIOLATIONS_COUNT_CRITICAL open_violations_count_warning=$OPEN_VIOLATIONS_COUNT_WARNING owner=$EVENT_OWNER policy_name=$POLICY_NAME policy_url=$POLICY_URL runbook_url=$RUNBOOK_URL severity=$SEVERITY timestamp=$TIMESTAMP violation_callback_url=$VIOLATION_CALLBACK_URL violation_chart_url=$VIOLATION_CHART_URL team="DevOps" <--[example of custom variable]
- Plain text output
-
New Relic Alert Incident open: CPU > 50% for 5 minutes Policy: http://alerts.newrelic.com/accounts/1234/policies/5678 Chart URL: http://gorgon.nr-assets.net/image/12345678-abcd-efgh-ijkl-1234567890 For more details, see: http://alerts.newrelic.com/accounts/1234/incidents/3456