API Stability Long-Term

The updateWebhookAction() GraphQL mutation is used to update a webhook action in LogScale.

For more information on Webhook actions, see the Action Type: Webhooks documentation page. You may also want to look at the Actions page for related information.

Syntax

Below is the syntax for the updateWebhookAction() mutation field:

graphql
updateWebhookAction(
     input: UpdateWebhookAction!
   ): WebhookAction!

Below is an example of how this mutation field might be used:

Raw
graphql
mutation {
  updateWebhookAction( input:
    { viewName: "humio",
      id: "abc123",
      name: "my-webhook-action",
      url: "https://webhook.company.com",
      method: "POST",
      headers: [ {header: "Content-Type", value: "application/json"} ],
      bodyTemplate: 
             """{"repository": "{repo_name}","timestamp": "{triggered_timestamp}",
                "alert": { "name": "{name}", "query": {"queryString": "{query_string}"} },
                "warnings": "{warnings}", 
                "events": {events}, 
                "numberOfEvents": {event_count} }""",
      ignoreSSL: false,
      useProxy: false
    } )
  { id }
}
Mac OS or Linux (curl)
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
  updateWebhookAction( input:
    { viewName: \"humio\",
      id: \"abc123\",
      name: \"my-webhook-action\",
      url: \"https://webhook.company.com\",
      method: \"POST\",
      headers: [ {header: \"Content-Type\", value: \"application/json\"} ],
      bodyTemplate: 
             \"\"\"{\"repository\": \"{repo_name}\",\"timestamp\": \"{triggered_timestamp}\",
                \"alert\": { \"name\": \"{name}\", \"query\": {\"queryString\": \"{query_string}\"} },
                \"warnings\": \"{warnings}\", 
                \"events\": {events}, 
                \"numberOfEvents\": {event_count} }\"\"\",
      ignoreSSL: false,
      useProxy: false
    } )
  { id }
}"
}
EOF
Mac OS or Linux (curl) One-line
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
  updateWebhookAction( input:
    { viewName: \"humio\",
      id: \"abc123\",
      name: \"my-webhook-action\",
      url: \"https://webhook.company.com\",
      method: \"POST\",
      headers: [ {header: \"Content-Type\", value: \"application/json\"} ],
      bodyTemplate: 
             \"\"\"{\"repository\": \"{repo_name}\",\"timestamp\": \"{triggered_timestamp}\",
                \"alert\": { \"name\": \"{name}\", \"query\": {\"queryString\": \"{query_string}\"} },
                \"warnings\": \"{warnings}\", 
                \"events\": {events}, 
                \"numberOfEvents\": {event_count} }\"\"\",
      ignoreSSL: false,
      useProxy: false
    } )
  { id }
}"
}
EOF
Windows Cmd and curl
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql ^
    -H "Authorization: Bearer $TOKEN" ^
    -H "Content-Type: application/json" ^
    -d @'{"query" : "mutation { ^
  updateWebhookAction( input: ^
    { viewName: \"humio\", ^
      id: \"abc123\", ^
      name: \"my-webhook-action\", ^
      url: \"https://webhook.company.com\", ^
      method: \"POST\", ^
      headers: [ {header: \"Content-Type\", value: \"application/json\"} ], ^
      bodyTemplate:  ^
             \"\"\"{\"repository\": \"{repo_name}\",\"timestamp\": \"{triggered_timestamp}\", ^
                \"alert\": { \"name\": \"{name}\", \"query\": {\"queryString\": \"{query_string}\"} }, ^
                \"warnings\": \"{warnings}\",  ^
                \"events\": {events},  ^
                \"numberOfEvents\": {event_count} }\"\"\", ^
      ignoreSSL: false, ^
      useProxy: false ^
    } ) ^
  { id } ^
}" ^
} '
Windows Powershell and curl
powershell
curl.exe -X POST 
    -H "Authorization: Bearer $TOKEN"
    -H "Content-Type: application/json"
    -d '{"query" : "mutation {
  updateWebhookAction( input:
    { viewName: \"humio\",
      id: \"abc123\",
      name: \"my-webhook-action\",
      url: \"https://webhook.company.com\",
      method: \"POST\",
      headers: [ {header: \"Content-Type\", value: \"application/json\"} ],
      bodyTemplate: 
             \"\"\"{\"repository\": \"{repo_name}\",\"timestamp\": \"{triggered_timestamp}\",
                \"alert\": { \"name\": \"{name}\", \"query\": {\"queryString\": \"{query_string}\"} },
                \"warnings\": \"{warnings}\", 
                \"events\": {events}, 
                \"numberOfEvents\": {event_count} }\"\"\",
      ignoreSSL: false,
      useProxy: false
    } )
  { id }
}"
}'
    "$YOUR_LOGSCALE_URL/graphql"
Perl
perl
#!/usr/bin/perl

use HTTP::Request;
use LWP;

my $TOKEN = "TOKEN";

my $uri = '$YOUR_LOGSCALE_URL/graphql';

my $query = "mutation {
  updateWebhookAction( input:
    { viewName: \"humio\",
      id: \"abc123\",
      name: \"my-webhook-action\",
      url: \"https://webhook.company.com\",
      method: \"POST\",
      headers: [ {header: \"Content-Type\", value: \"application/json\"} ],
      bodyTemplate: 
             \"\"\"{\"repository\": \"{repo_name}\",\"timestamp\": \"{triggered_timestamp}\",
                \"alert\": { \"name\": \"{name}\", \"query\": {\"queryString\": \"{query_string}\"} },
                \"warnings\": \"{warnings}\", 
                \"events\": {events}, 
                \"numberOfEvents\": {event_count} }\"\"\",
      ignoreSSL: false,
      useProxy: false
    } )
  { id }
}";
$query =~ s/\n/ /g;
my $json = sprintf('{"query" : "%s"}',$query);
my $req = HTTP::Request->new("POST", $uri );

$req->header("Authorization" => "Bearer $TOKEN");
$req->header("Content-Type" => "application/json");

$req->content( $json );

my $lwp = LWP::UserAgent->new;

my $result = $lwp->request( $req );

print $result->{"_content"},"\n";
Python
python
#! /usr/local/bin/python3

import requests

url = '$YOUR_LOGSCALE_URL/graphql'
mydata = r'''{"query" : "mutation {
  updateWebhookAction( input:
    { viewName: \"humio\",
      id: \"abc123\",
      name: \"my-webhook-action\",
      url: \"https://webhook.company.com\",
      method: \"POST\",
      headers: [ {header: \"Content-Type\", value: \"application/json\"} ],
      bodyTemplate: 
             \"\"\"{\"repository\": \"{repo_name}\",\"timestamp\": \"{triggered_timestamp}\",
                \"alert\": { \"name\": \"{name}\", \"query\": {\"queryString\": \"{query_string}\"} },
                \"warnings\": \"{warnings}\", 
                \"events\": {events}, 
                \"numberOfEvents\": {event_count} }\"\"\",
      ignoreSSL: false,
      useProxy: false
    } )
  { id }
}"
}'''

resp = requests.post(url,
                     data = mydata,
                     headers = {
   "Authorization" : "Bearer $TOKEN",
   "Content-Type" : "application/json"
}
)

print(resp.text)
Node.js
javascript
const https = require('https');

const data = JSON.stringify(
    {"query" : "mutation {
  updateWebhookAction( input:
    { viewName: \"humio\",
      id: \"abc123\",
      name: \"my-webhook-action\",
      url: \"https://webhook.company.com\",
      method: \"POST\",
      headers: [ {header: \"Content-Type\", value: \"application/json\"} ],
      bodyTemplate: 
             \"\"\"{\"repository\": \"{repo_name}\",\"timestamp\": \"{triggered_timestamp}\",
                \"alert\": { \"name\": \"{name}\", \"query\": {\"queryString\": \"{query_string}\"} },
                \"warnings\": \"{warnings}\", 
                \"events\": {events}, 
                \"numberOfEvents\": {event_count} }\"\"\",
      ignoreSSL: false,
      useProxy: false
    } )
  { id }
}"
}
);


const options = {
  hostname: '$YOUR_LOGSCALE_URL/graphql',
  path: '/graphql',
  port: 443,
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Content-Length': data.length,
    Authorization: 'BEARER ' + process.env.TOKEN,
    'User-Agent': 'Node',
  },
};

const req = https.request(options, (res) => {
  let data = '';
  console.log(`statusCode: ${res.statusCode}`);

  res.on('data', (d) => {
    data += d;
  });
  res.on('end', () => {
    console.log(JSON.parse(data).data);
  });
});

req.on('error', (error) => {
  console.error(error);
});

req.write(data);
req.end();
Example Responses
Success (HTTP Response Code 200 OK)
json
{
  "data": {
    "updateWebhookAction": {
      "id": "abc123"
    }
  }
}

Given Datatypes

For the given datatype, UpdateWebhookAction, there are several parameters that may be given. Below is a list of them along with a description of each:

Table: UpdateWebhookAction

ParameterTypeRequiredDefaultStabilityDescription
Some arguments may be required, as indicated in the Required column. For some fields, this column indicates that a result will always be returned for this column.
Table last updated: Sep 23, 2024
bodyTemplatestringyes Long-TermBody of the http(s) request. Can be templated with values from the result.
headers[HttpHeaderEntryInput]yes Long-TermHeaders of the http(s) request. See HttpHeaderEntryInput.
idstringyes Long-TermThe unique identifier of the action.
ignoreSSLbooleanyes Long-TermFlag indicating whether SSL should be ignored for the request.
methodstringyes Long-TermThe method to use for the request.
namestringyes Long-TermThe name of the action.
urlstringyes Long-TermThe URL where to send the http(s) request.
useProxybooleanyes Long-TermDefines whether the action should use the configured proxy to make web requests.
viewNamestringyes Long-TermName of the view of the action.

Returned Datatypes

The returned datatype WebhookAction has many parameters. Below is a list of them along with a description of each:

Table: WebhookAction

ParameterTypeRequiredDefaultStabilityDescription
Some arguments may be required, as indicated in the Required column. For some fields, this column indicates that a result will always be returned for this column.
Table last updated: Sep 17, 2025
allowedActions[AssetAction]yes Short-TermA list of allowed asset actions. See AssetAction . This is a preview and subject to change.
bodyTemplatestringyes Long-TermBody of the http and https request. Can be templated with values from the result.
createdInfoAssetCommitMetadata  Long-TermMetadata related to the creation of the action. See AssetCommitMetadata.
displayNamestringyes Long-TermThe display name of the action.
headers[HttpHeaderEntry]yes Long-TermHeaders of the http and https requests. See HttpHeaderEntry.
idstringyes Long-TermThe unique identifier of the action.
ignoreSSLbooleanyes Long-TermWhether SSL should be ignored for the request.
isAllowedToRunbooleanyes Long-TermSet to false to disable this type of action for security reasons.
labels[string]yes PreviewLabels associated with the action.
methodstringyes Long-TermMethod to use for the request.
modifiedInfoAssetCommitMetadata  Long-TermMetadata related to the latest modification of the action. See AssetCommitMetadata.
namestringyes Long-TermThe name of the action.
packagePackageInstallationyes Long-TermThe package, if there is one, of which the action is part. See PackageInstallation.
packageIdVersionedPackageSpecifier  Long-TermThe unique identifier of the package. See VersionedPackageSpecifier.
requiresOrganizationOwnedQueriesPermissionToEditbooleanyes Long-TermThis should be set to true if this action is used by triggers, where the query is run by the organization. If true, then the OrganizationOwnedQueries permission is required to edit the action. See Permission.
resourcestringyes Short-TermThe resource identifier for the action.
urlstringyes Long-TermThe URL where to send http and https requests.
useProxybooleanyes Long-TermWhether the action should use the configured proxy to make web requests.
yamlTemplateYAMLyes Long-TermA template that can be used to recreate the action. YAML is a scalar.