Customize your webhook payload

Admins or Owner

If you use webhooks as your alert notification channel, you can use the default values in New Relic Alerts. You can also customize the payload in the POST message for further integration into your system.

Define webhooks

When defining JSON webhooks, use the format "name":"value",. For example:

"current_state":"acknowledged",

When defining webhooks with a form payload, use the format name="value". For example:

current_state="acknowledged"

Do not include any custom, self-signed SSL certificates in your webhook. New Relic agents enable SSL by default. Due to New Relic's security policy, custom SSL certificates will not be imported into New Relic's Trust store.

Webhook values

New Relic Alerts supports these default webhook values. For your convenience, they are listed in alphabetical order, but you can define your webhook values in any order. Substitute your specific value for any $VARIABLE, and enclose it with quote marks.

Key Variable
"account_id"

$ACCOUNT_ID

Possible values: New Relic account ID (string)
"account_name"

$ACCOUNT_NAME

Possible values: New Relic account name (string)
"closed_violations_count_critical"

$CLOSED_VIOLATIONS_COUNT_CRITICAL
"closed_violations_count_warning"

$CLOSED_VIOLATIONS_COUNT_WARNING
"condition_id"

$CONDITION_ID
"condition_name"

$CONDITION_NAME

Possible values: (user-defined string)
"current_state"

$EVENT_STATE

Possible values: [OPEN|ACKNOWLEDGED|CLOSED]
"details" $EVENT_DETAILS
"duration"

$DURATION
"event_type"

$EVENT_TYPE

Possible values:

  • INCIDENT
"incident_acknowledge_url" $INCIDENT_ACKNOWLEDGE_URL
"incident_api_url" $INCIDENT_API_URL
"incident_id" $INCIDENT_ID
"incident_url" $INCIDENT_URL
"open_violations_count_critical"

$OPEN_VIOLATIONS_COUNT_CRITICAL
"open_violations_count_warning"

$OPEN_VIOLATIONS_COUNT_WARNING
"owner" $EVENT_OWNER
"policy_name"

$POLICY_NAME

Possible values: (user-defined string)
"policy_url" $POLICY_URL
"runbook_url" $RUNBOOK_URL
"severity"

$SEVERITY

Possible values: [INFO|WARN|CRITICAL]
"targets"

$TARGETS

The $TARGETS variable cannot be used with FORM data, but is compatible with JSON data.
"timestamp" $TIMESTAMP
"version" $VERSION
"violation_callback_url"

$VIOLATION_CALLBACK_URL
"violation_chart_url" $VIOLATION_CHART_URL

Webhook format example

This is a webhook example to open a web app alert policy's incident that is triggered when the Apdex setting is greater than 0.80 for at least ten minutes. The example includes many of the available variables, but you do not need to use all of them for your own webhooks.

JSON webhook example

The following webhook example has extra spaces and line breaks for readability. Actual webhook responses are delivered as one continuous line of text.

// If you copy and paste this example, be sure to change all values for your own purposes.
{
"current_state":"open",  <--[open|acknowledged|closed]
"details":"Apdex < .80 for at least 10 min",
"severity":"WARN",       <--[INFO|WARN|CRITICAL]
"incident_api_url":"https://alerts.newrelic.com/api/explore/applications/incidents/1234",
"incident_url":"https://alerts.newrelic.com/accounts/99999999999/incidents/1234",
"owner":"user name",
"policy_url":"https://alerts.newrelic.com/accounts/99999999999/policies/456",
"chart_url":"http://gorgon.nr-assets.net/image/12345678-abcd-efgh-ijkl-1234567890",
"runbook_url":"https://localhost/runbook",
"policy_name":"APM Apdex policy",
"condition_id":987654,
"condition_name":"My APM Apdex condition name",
"event_type":"INCIDENT",
"incident_id":1234,
"targets":[
  {
   "id":"23456",
   "name":"My Application",
   "link":"https://alerts.newrelic.com/accounts/99999999999/applications/23456?tw[start]=1425415729&tw[end]=1425417529",
   "labels":{
     "Service":"Account Service",
     "Product":"APM",
     "Team":"APM Team"
   },
   "type":"APM:Application"
  }
 ],
"timestamp":1425417514074
}
Form webhook example

The following webhook example has extra spaces and line breaks for readability. Actual webhook responses are delivered as one continuous line of text.

// If you copy and paste this example, be sure to change all values for your own purposes.
current_state="open"
details="Apdex < .80 for at least 10 min",
severity="WARN"
incident_api_url="https://alerts.newrelic.com/api/explore/applications/incidents/1234"
incident_url="https://alerts.newrelic.com/accounts/99999999999/incidents/1234"
owner="user name"
policy_url="https://alerts.newrelic.com/accounts/99999999999/policies/456"
chart_url="http://gorgon.nr-assets.net/image/12345678-abcd-efgh-ijkl-1234567890"
runbook_url="https://localhost/runbook"
policy_name="APM Apdex policy"
condition_id=987654
condition_name="My APM Apdex condition name"
event_type="INCIDENT"
incident_id=1234
timestamp=1425417514074
Plain text output
New Relic Alert
Incident open: CPU > 50% for 5 minutes
Policy: http://alerts.newrelic.com/accounts/1234/policies/5678
Chart URL: http://gorgon.nr-assets.net/image/12345678-abcd-efgh-ijkl-1234567890

For more details, see:
http://alerts.newrelic.com/accounts/1234/incidents/3456

For more help

Recommendations for learning more: