Security Requirements and Controls
API Stability Long-Term

The testWebhookAction() GraphQL mutation is used to test a webhook action.

Syntax

graphql
testWebhookAction(
      input: TestWebhookAction!
   ): TestResult!

For the input, you'll have to provide several parameters and values for the web action you want to test. See the Given Datatypes for more details.

Example

Below is an example of how this mutation field might be used:

Raw
graphql
mutation {
  testWebhookAction( input: 
    { viewName: "humio",
      name: "tug",
      url: "https://webhook.company.com",
      method: "POST",
      headers: [ {header: "Content-Type", value: "application/json"} ],
      bodyTemplate: 
             """{"repository": "{repo_name}","timestamp": "{triggered_timestamp}",
                "alert": { "name": "{name}", "query": {"queryString": "{query_string}"} },
                "warnings": "{warnings}", 
                "events": {events}, 
                "numberOfEvents": {event_count} }""",
      ignoreSSL: false,
      useProxy: false,
      triggerName: "wake-up",
      eventData: "[{\"#type\":\"kv\"}]",
      } )
  { success }
}
Mac OS or Linux (curl)
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
  testWebhookAction( input: 
    { viewName: \"humio\",
      name: \"tug\",
      url: \"https://webhook.company.com\",
      method: \"POST\",
      headers: [ {header: \"Content-Type\", value: \"application/json\"} ],
      bodyTemplate: 
             \"\"\"{\"repository\": \"{repo_name}\",\"timestamp\": \"{triggered_timestamp}\",
                \"alert\": { \"name\": \"{name}\", \"query\": {\"queryString\": \"{query_string}\"} },
                \"warnings\": \"{warnings}\", 
                \"events\": {events}, 
                \"numberOfEvents\": {event_count} }\"\"\",
      ignoreSSL: false,
      useProxy: false,
      triggerName: \"wake-up\",
      eventData: \"[{\\"#type\\":\\"kv\\"}]\",
      } )
  { success }
}"
}
EOF
Mac OS or Linux (curl) One-line
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
  testWebhookAction( input: 
    { viewName: \"humio\",
      name: \"tug\",
      url: \"https://webhook.company.com\",
      method: \"POST\",
      headers: [ {header: \"Content-Type\", value: \"application/json\"} ],
      bodyTemplate: 
             \"\"\"{\"repository\": \"{repo_name}\",\"timestamp\": \"{triggered_timestamp}\",
                \"alert\": { \"name\": \"{name}\", \"query\": {\"queryString\": \"{query_string}\"} },
                \"warnings\": \"{warnings}\", 
                \"events\": {events}, 
                \"numberOfEvents\": {event_count} }\"\"\",
      ignoreSSL: false,
      useProxy: false,
      triggerName: \"wake-up\",
      eventData: \"[{\\"#type\\":\\"kv\\"}]\",
      } )
  { success }
}"
}
EOF
Windows Cmd and curl
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql ^
    -H "Authorization: Bearer $TOKEN" ^
    -H "Content-Type: application/json" ^
    -d @'{"query" : "mutation { ^
  testWebhookAction( input:  ^
    { viewName: \"humio\", ^
      name: \"tug\", ^
      url: \"https://webhook.company.com\", ^
      method: \"POST\", ^
      headers: [ {header: \"Content-Type\", value: \"application/json\"} ], ^
      bodyTemplate:  ^
             \"\"\"{\"repository\": \"{repo_name}\",\"timestamp\": \"{triggered_timestamp}\", ^
                \"alert\": { \"name\": \"{name}\", \"query\": {\"queryString\": \"{query_string}\"} }, ^
                \"warnings\": \"{warnings}\",  ^
                \"events\": {events},  ^
                \"numberOfEvents\": {event_count} }\"\"\", ^
      ignoreSSL: false, ^
      useProxy: false, ^
      triggerName: \"wake-up\", ^
      eventData: \"[{\\"#type\\":\\"kv\\"}]\", ^
      } ) ^
  { success } ^
}" ^
} '
Windows Powershell and curl
powershell
curl.exe -X POST 
    -H "Authorization: Bearer $TOKEN"
    -H "Content-Type: application/json"
    -d '{"query" : "mutation {
  testWebhookAction( input: 
    { viewName: \"humio\",
      name: \"tug\",
      url: \"https://webhook.company.com\",
      method: \"POST\",
      headers: [ {header: \"Content-Type\", value: \"application/json\"} ],
      bodyTemplate: 
             \"\"\"{\"repository\": \"{repo_name}\",\"timestamp\": \"{triggered_timestamp}\",
                \"alert\": { \"name\": \"{name}\", \"query\": {\"queryString\": \"{query_string}\"} },
                \"warnings\": \"{warnings}\", 
                \"events\": {events}, 
                \"numberOfEvents\": {event_count} }\"\"\",
      ignoreSSL: false,
      useProxy: false,
      triggerName: \"wake-up\",
      eventData: \"[{\\"#type\\":\\"kv\\"}]\",
      } )
  { success }
}"
}'
    "$YOUR_LOGSCALE_URL/graphql"
Perl
perl
#!/usr/bin/perl

use HTTP::Request;
use LWP;

my $TOKEN = "TOKEN";

my $uri = '$YOUR_LOGSCALE_URL/graphql';

my $query = "mutation {
  testWebhookAction( input: 
    { viewName: \"humio\",
      name: \"tug\",
      url: \"https://webhook.company.com\",
      method: \"POST\",
      headers: [ {header: \"Content-Type\", value: \"application/json\"} ],
      bodyTemplate: 
             \"\"\"{\"repository\": \"{repo_name}\",\"timestamp\": \"{triggered_timestamp}\",
                \"alert\": { \"name\": \"{name}\", \"query\": {\"queryString\": \"{query_string}\"} },
                \"warnings\": \"{warnings}\", 
                \"events\": {events}, 
                \"numberOfEvents\": {event_count} }\"\"\",
      ignoreSSL: false,
      useProxy: false,
      triggerName: \"wake-up\",
      eventData: \"[{\\"#type\\":\\"kv\\"}]\",
      } )
  { success }
}";
$query =~ s/\n/ /g;
my $json = sprintf('{"query" : "%s"}',$query);
my $req = HTTP::Request->new("POST", $uri );

$req->header("Authorization" => "Bearer $TOKEN");
$req->header("Content-Type" => "application/json");

$req->content( $json );

my $lwp = LWP::UserAgent->new;

my $result = $lwp->request( $req );

print $result->{"_content"},"\n";
Python
python
#! /usr/local/bin/python3

import requests

url = '$YOUR_LOGSCALE_URL/graphql'
mydata = r'''{"query" : "mutation {
  testWebhookAction( input: 
    { viewName: \"humio\",
      name: \"tug\",
      url: \"https://webhook.company.com\",
      method: \"POST\",
      headers: [ {header: \"Content-Type\", value: \"application/json\"} ],
      bodyTemplate: 
             \"\"\"{\"repository\": \"{repo_name}\",\"timestamp\": \"{triggered_timestamp}\",
                \"alert\": { \"name\": \"{name}\", \"query\": {\"queryString\": \"{query_string}\"} },
                \"warnings\": \"{warnings}\", 
                \"events\": {events}, 
                \"numberOfEvents\": {event_count} }\"\"\",
      ignoreSSL: false,
      useProxy: false,
      triggerName: \"wake-up\",
      eventData: \"[{\\"#type\\":\\"kv\\"}]\",
      } )
  { success }
}"
}'''

resp = requests.post(url,
                     data = mydata,
                     headers = {
   "Authorization" : "Bearer $TOKEN",
   "Content-Type" : "application/json"
}
)

print(resp.text)
Node.js
javascript
const https = require('https');

const data = JSON.stringify(
    {"query" : "mutation {
  testWebhookAction( input: 
    { viewName: \"humio\",
      name: \"tug\",
      url: \"https://webhook.company.com\",
      method: \"POST\",
      headers: [ {header: \"Content-Type\", value: \"application/json\"} ],
      bodyTemplate: 
             \"\"\"{\"repository\": \"{repo_name}\",\"timestamp\": \"{triggered_timestamp}\",
                \"alert\": { \"name\": \"{name}\", \"query\": {\"queryString\": \"{query_string}\"} },
                \"warnings\": \"{warnings}\", 
                \"events\": {events}, 
                \"numberOfEvents\": {event_count} }\"\"\",
      ignoreSSL: false,
      useProxy: false,
      triggerName: \"wake-up\",
      eventData: \"[{\\"#type\\":\\"kv\\"}]\",
      } )
  { success }
}"
}
);


const options = {
  hostname: '$YOUR_LOGSCALE_URL',
  path: 'graphql',
  port: 443,
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Content-Length': data.length,
    Authorization: 'BEARER ' + process.env.TOKEN,
    'User-Agent': 'Node',
  },
};

const req = https.request(options, (res) => {
  let data = '';
  console.log(`statusCode: ${res.statusCode}`);

  res.on('data', (d) => {
    data += d;
  });
  res.on('end', () => {
    console.log(JSON.parse(data).data);
  });
});

req.on('error', (error) => {
  console.error(error);
});

req.write(data);
req.end();
Example Responses
Success (HTTP Response Code 200 OK)
json
{
  "data": {
    "testWebhookAction": {
      "success": false
    }
  }
}

Given Datatype

For this input datatype, you would provide the name of the view associated with the action to test, a trigger name — which can be a mock value for testing — the URL where to send requests, the headers, and some other parameters. These are listed and explained in the table below:

Table: TestWebhookAction

ParameterTypeRequiredDefaultStabilityDescription
Some arguments may be required, as indicated in the Required column. For return datatypes, this indicates that you must specify which fields you want returned in the results.
Table last updated: Sep 20, 2024
bodyTemplatestringyes Long-TermThe body of the http(s) request. Can be templated with values from the result.
eventDatastringyes Long-TermJSON data representing one or more events. One event can be supplied as a JSON object. Multiple events must be supplied as a list of JSON objects.
headers[HttpHeaderEntryInput]yes Long-TermThe headers of the http(s) request. See HttpHeaderEntryInput.
ignoreSSLbooleanyes Long-TermWhether SSL should be ignored for the request.
methodstringyes Long-TermThe method to use for the request.
namestringyes Long-TermThe name of the action.
triggerNamestringyes Long-TermThe name of the action. This is a mock value, the trigger doesn't have to exist.
urlstringyes Long-TermThe URL where to send the http(s) request.
useProxybooleanyes Long-TermDefines whether the action should use the configured proxy to make web requests.
viewNamestringyes Long-TermThe name of the view of the action.

Returned Datatype

The returned datatype will tell you if the test was succesful and it will provide a message explaining results. This is described in the table below:

Table: TestResult

ParameterTypeRequiredDefaultStabilityDescription
Some arguments may be required, as indicated in the Required column. For return datatypes, this indicates that you must specify which fields you want returned in the results.
Table last updated: Oct 3, 2024
messagestringyes Long-TermA message explaining the test result.
successbooleanyes Long-TermTrue if the test was a success, false otherwise.