In Web Development, "Webhook" is a method of augmenting or altering the behavior of a Web Page or Web Application with custom callbacks. They are usually triggered by some Event; When that Event occurs, the source site makes an "HTTP Request" to the URL configured for the Webhook.
The "Webhooks" feature introduced from TMOS v15.1.0 on the F5 "ASM" and "Advanced-WAF" Modules. And the good news is that It is possible to configure unlimited numbers of Webhooks for each Application Security Policy.
You can configure Webhooks to the Continuous Integrations / Continuous Delivery (CICD) Server, such as Jenkins or GitHub or Online Collaboration Server such as Slack or Microsoft Teams, for a specific policy along with each Webhook.
Due to the nature of Webhooks, this feature will not be fully operational if the 'DNS Lookup Server List' is empty on your device. Also, you need to make decision about the following items:
* Your desired "Event Type" --> Policy change or security event that starts a pipeline to the CI server (Including Policy Events, HTTP Request Events, and Incidents Events)
* Your destined "Webhook URL" --> Full URL including Hostname and Path URI of your CI Server (DNS Server is needed)
* Your desired "Content-Type" --> The content-type of your Message, if a Body exists (POST Method)
* Your desired Message for "Body" --> The template body of the Notification (Limited to 1024 Bytes)
* Your desired "Event Type" --> Policy change or security event that starts a pipeline to the CI server (Including Policy Events, HTTP Request Events, and Incidents Events)
* Your destined "Webhook URL" --> Full URL including Hostname and Path URI of your CI Server (DNS Server is needed)
* Your desired "Content-Type" --> The content-type of your Message, if a Body exists (POST Method)
* Your desired Message for "Body" --> The template body of the Notification (Limited to 1024 Bytes)
No comments:
Post a Comment