Webhook integration is available for enterprise plans only.
You can create a custom webhook that receives Intezer Protect events and forward those events to another application such as SIEM, ticket management, or custom app.
The following Intezer Protect events can be exported via webhook:
- Alerts
Overview
After configuring the webhook, when Intezer Protect generates an alert, it automatically sends that alert to the URL endpoint you configure in the webhook.
Intezer Protect sends an HTTP POST request with the payload in JSON format as shown in GET /v1-0/alerts/{alert_id} API request.
Set up the Integration
Integration can be set up in the settings page.
Note:
It's required to allow the following IPs to set up this integration -
54.80.156.223
54.196.73.237
54.196.73.35