Configuring the Skytap Cloud webhook service for audit data

The Skytap Cloud webhook service provides Skytap Cloud account audit data in real time to a URL that you choose. Because the data is streamed continuously, you don’t need to query Skytap Cloud for updated information.

Currently, the webhook service provides account-wide auditing data, exactly the same data available from the administrator Auditing page, except in a real-time, continuous data stream.

Use the webhook service to create custom applications and reports. For example, if your organization uses scripts or other automation to add and remove VMs to a DNS server or Active Directory Domain server, the auditing webhook can provide environment data that the scripts can consume to automate these tasks.

To configure the auditing webhook
  1. Click Admin > Settings to navigate to the Settings page.

    Admin > Settings

  2. Click Enable auditing webhook. The Auditing Webhook section expands.

    auditing webhook

  3. Type the URL where the data will be sent. All audit events for the account will be sent to the destination URL.
  4. If the destination site is configured to use TLS encryption (optional, but strongly recommended), type or paste the public Certificate.

    You can use OpenSSL to retrieve the TLS public key with the following command:

    openssl s_client -showcerts -connect {webhookserver}:{port} </dev/null 2>/dev/null\|openssl x509 -outform PEM

  5. Click Save webhook.

If the destination URL is not available or stops responding, the webhook service will attempt to reconnect once per minute for up to six hours or 200 attempts. If it can’t reconnect, the webhook service will be disabled until you reconfigure it.

Skytap webhook data format

The webhook generates a JSON representation of all of the data available from the administrator Auditing report. For a complete list of auditing activities, see Generating audit reports

Example Skytap webhook data payload

  "version": 1,
  "message_id": "456",
  "category": "auditing",
  "timestamp": "2000-01-01T00:00:00Z",
  "Payload": [{
    "id": 98765432,
    "type": "Shutdown Environment",
    "type_code": "ShutdownConfigurationHistory",
    "date": "2019-01-27T12:34:56Z",
    "region": "us-west",
    "payload": {},
    "user": {"id": null, "name": "auto_power_options"},
    "department": {"id": null, "name": null},
    "project": {"id": null, "name": null},
    "operation_id": "trn.a1b2c3456d78987654ef3edc210b1234.56789.876/trn.5a5432b10c1d234567ef8e9d8cb7654a.3210.123.4",
    "customer": {"id": 2, "name": "Administrators"},
    "operated_on": [
      {"resource_type": "environment", "name": "Copy of ubuntu - diskless", "id": 9876543, "guid": "configuration-1234567"},
      {"resource_type": "vm", "name": "Ubuntu 10.04 desktop", "id": 2832140, "guid": "vm-1234567-8987654"}