• Administrator overview
• Managing users and permissions
  • User roles and access permissions
  • Creating users
  • Editing users
  • Unlocking a user account
  • Resending a user activation link
  • Deleting or deactivating users
  • Using groups
  • Managing departments
  • Managing passwords and password policies
  • Setting account-wide access policies
  • Changing a resource owner
  • Using Single Sign-On (SSO)
    • Using Single Sign-on (SSO) with Azure Active Directory (AAD)
    • Configuring an ADFS claim rule for SSO
• Managing account-wide settings
  • Adding container registries
• Managing public IP addresses
• Managing WANs
  • Overview: VPNs
    • Creating a VPN
      • VPN configuration parameters
        • AWS VPC: VPN configuration example
        • Azure VPN: VPN configuration example
        • Cisco ASA: VPN configuration example
        • Cisco IOS: VPN configuration example
        • Juniper SRX: VPN configuration example
        • pfSense: VPN configuration example
        • strongSwan: VPN configuration example
  • Overview: Skytap on Azure ExpressRoute connections
    • Creating a Skytap on Azure ExpressRoute connection
    • Creating a customer-managed Skytap on Azure ExpressRoute connection
  • Testing the WAN
    • Troubleshooting VPN test failures
  • Connecting an environment network to a WAN
  • Configuring WAN access controls
  • Editing an existing WAN connection
  • Disable a WAN
• Managing Metered RAM and storage usage
  • How usage is calculated
  • Viewing current usage and enabling pay-as-you-go capacity
  • Reserved capacity for Skytap on Azure
  • Reserved capacity for Skytap on IBM Cloud
  • Setting usage limits
  • Setting up notifications
  • VM pinning
• Reporting overview
  • Viewing and exporting user information
  • Viewing and exporting group information
  • Generating department reports
  • Generating audit reports
    • Configuring the webhook service for audit data
  • Viewing usage data
    • Using labels for in-depth reporting
    • Creating usage label categories
    • Configuring the webhook service for usage data
  • Enabling other users to generate reports
• Security best practices
• Other best practices
• Sharing templates with users in other Skytap accounts
• Finding the source environment from a sharing portal URL
• Including your logo in the Skytap interface

Configuring the webhook service for audit data

The Skytap webhook service provides Skytap account audit data in real time to a URL that you choose. Because the data is streamed continuously, you don’t need to query Skytap for updated information.

The auditing webhook service provides account-wide auditing data—exactly the same data available from the administrator Auditing page—in a real-time, continuous data stream.

Use the webhook service to create custom applications and reports. For example, if your organization uses scripts or other automation to add and remove VMs to a DNS server or Active Directory Domain server, the auditing webhook can provide environment data that the scripts can consume to automate these tasks.

To configure the auditing webhook

1. Click Manage > Settings to navigate to the Settings page.

   

2. Under Auditing Webhook, click Enable webhook. The Auditing Webhook section expands.

   

3. Type the Webhook URL where the data will be sent. All audit events for the account will be sent to the destination URL.

   The Webhook URL must use HTTPS over port 443.

4. Type or paste the public TLS Certificate for the destination site.

   You can use OpenSSL to retrieve the TLS public key with the following command:

   openssl s_client -showcerts -connect {webhookserver}:{port} </dev/null 2>/dev/null|openssl x509 -outform PEM

5. Click Save webhook.

If the destination URL isn’t available or stops responding, the webhook service will attempt to reconnect once per minute for up to six hours or 200 attempts. If it can’t reconnect, the webhook service will be disabled until you reconfigure it.

Skytap webhook data format

The webhook generates a JSON representation of all of the data available from the administrator Auditing report. For a complete list of auditing activities, see Generating audit reports

Example Skytap webhook data payload

{
  "version": 1,
  "message_id": "456",
  "category": "auditing",
  "timestamp": "2000-01-01T00:00:00Z",
  "Payload": [{
    "id": 98765432,
    "type": "Shutdown Environment",
    "type_code": "ShutdownConfigurationHistory",
    "date": "2019-01-27T12:34:56Z",
    "region": "us-west",
    "payload": {},
    "user": {"id": null, "name": "auto_power_options"},
    "department": {"id": null, "name": null},
    "project": {"id": null, "name": null},
    "operation_id": "trn.a1b2c3456d78987654ef3edc210b1234.56789.876/trn.5a5432b10c1d234567ef8e9d8cb7654a.3210.123.4",
    "customer": {"id": "666", "name": "Administrators"},
    "operated_on": [
      {"resource_type": "environment", "name": "Copy of ubuntu - diskless", "id": 9876543, "guid": "configuration-1234567"},
      {"resource_type": "vm", "name": "Ubuntu 10.04 desktop", "id": 2832140, "guid": "vm-1234567-8987654"}
    ]
  }]
}