Custom webhook actions Action Security Policy

Security policies for Custom webhook actions support the following restrictions:

Allow webhook actions disables or enables webhook actions. When disabled, webhooks actions will not be available in the list of available actions.
Enforcing a URL allowlist limits the range of URLs that can be used to communicate with an external webhook. The configuration supports wildcards, for example:
ini
```
*crowdstrike.com
```
Would allow webhooks on any domain ending in crowdstrike.com.
Additional glob patterns can be added by clicking the + button. Existing glob patterns can be deleted by clicking the trash can button next to each pattern.

If you try to create a webhook action that is not compatible with the allowlist, a message will be displayed:

If an allowlist is added after an incompatible webhook action has been added with an address not in the allowlist, the action will be disabled. This will be flagged on the Actions page:

Falcon LogScale Self-Hosted 1.132.0-1.137.0 (Preview)

Self-Hosted Overview

Installing LogScale

Self-Hosted Admin.

Organization Essentials

Configuring Security

Authentication & Identity Providers

Users & Permissions

Cluster Management

Configuration Settings

Ingesting Data

LogScale Configuration Parameters

LogScale URLs & Endpoints

Limits & Standards

Data Analysis 1.132.0-1.137.0

Data Analysis Overview

LogScale User Interface

Repositories & Views

Parsing Data

Searching Data

Writing Queries

Query Language Syntax

Query Functions

Dashboards & Widgets

Automation

Template Language

Keyboard Shortcuts

Custom webhook actions Action Security Policy

Enter search term