mirror/nttgin-BGPalerter
1
0
Fork 0
mirror of https://github.com/nttgin/BGPalerter.git synced 2024-05-19 06:50:08 +00:00
Code Issues Releases Wiki Activity
Files
a8647f6deef6cb8368b749f6a7a63173ab1b2fe2
nttgin-BGPalerter/docs/report-http.md
Massimo Candela a8647f6dee v1.26.0 release hotfix (#295) 
* updated development dependencies to bump lodash version to 4.17.19

* updated rpki-validator version

* update rpki-validator to support external vrps

* improved stability of monitorRPKI, increased test coverage
2020-07-18 18:43:30 +02:00

2.8 KiB
Raw Blame History

Send alerts with POST requests

BGPalerter can send alerts by means of POST requests to a provided URL. This can be done by configuring the module reportHTTP. Read here to understand how.

For configuring reportHTTP, essentially you need to specify two things:

  • The URL
  • A template of the POST request.

If you are using user groups, you can specify a URL for every user group. This can be done inside hooks, a dictionary containing API URLs grouped by user group (key: group, value: URL). The default user group is mandatory.
Example:

      hooks:
        default: https://MY_WEB_HOOK/
        noc: https://MY_WEB_HOOK_FOR_THE_NOC_GROUP

You can also specify a template for each type of alert (channel).
Example:

      isTemplateJSON: true
      templates:
        default: '{"message": "${summary}", "color": "blue"}'
        visibility: '{"message": "${summary}", "color": "orange"}'

Templates are expressed as strings. If the parameter isTemplateJSON is set to true, the string will be converted to JSON before to be posted.

What follows is a list of examples showing how to adapt this module to some well-known applications.

Mattermost

Mattermost is an open source messaging platform.

reports:
  - file: reportHTTP
    channels:
      - hijack
      - newprefix
      - visibility
      - path
      - misconfiguration
      - rpki
    params:
      templates:
        default: '{"attachments": [
          {"fields": [ {"title": "Prefix:", "value": "${prefix}", "short": "false"},
          {"title": "Expected from:", "value": "AS ${asn}", "short": "true"},
          {"title": "Seen from:", "value": "AS ${neworigin}", "short": "true"},
          {"title": "Since:", "value": "${earliest}", "short": "true"},
          {"title": "Event description":, "value": "${summary}"} ], 
          "text": "#bgpalerter #${type}", "color": "#ffffff"}]}'
      isTemplateJSON: true
      headers:
      showPaths: 0 # Amount of AS_PATHs to report in the alert
      hooks:
        default: WEBHOOK_URL

Thanks to @fstolba.

Pushover

Pushover is an app that makes it easy to get real-time notifications on your Android, iPhone, iPad, and Desktop.

- file: reportHTTP
   channels:
     - hijack
     - newprefix
     - visibility
     - path
     - misconfiguration
     - rpki
   params:
     templates:
       default: '{"message": "${channel}: ${summary}", "title": "BGPalerter", "priority": "1", "token": "_YOUR_API_TOKEN_HERE_", "user": "_YOUR_USER_KEY_HERE_"}'
     headers:
     isTemplateJSON: true
     showPaths: 0
     hooks:
       default: https://api.pushover.net/1/messages.json

Thanks to Hugo Salgado.

Reference in New Issue View Git Blame Copy Permalink