Webhooks - Custom Event Handling
Real-time infrastructure monitoring for DevOps
Webhook Endpoint Setup
Route StatusPulse incident alerts directly to your internal systems, PagerDuty queues, or engineering Slack channels. Define your HTTPS endpoint and select the event triggers that align with your on-call rotation.
Endpoint Registration
Navigate to Settings > Integrations > Webhooks. Enter a publicly accessible HTTPS URL (e.g., `https://hooks.yourcompany.com/statuspulse`). StatusPulse validates the route with a `200 OK` handshake before enabling live traffic. Subdomains under `*.statuspulse.io` are automatically whitelisted for outbound connections.
Event Trigger Selection
Bind your endpoint to specific lifecycle events. Enable `incident_opened` for immediate on-call routing, `incident_updated` for status changes, and `incident_resolved` for post-mortem automation. Filter by monitor group (e.g., `api-gateway`, `payment-processing`) to reduce noise in your primary communication channels.
Delivery & Retry Policy
StatusPulse attempts delivery within 200ms of event generation. Failed payloads trigger an exponential backoff sequence: 1m, 5m, 15m, 60m. After four consecutive failures, the webhook is paused and a notification is sent to your engineering Slack. Resume delivery instantly from the dashboard.
JSON Payload Specifications
Every webhook POST request contains a standardized JSON body. Parse the `event_type` field to route logic appropriately. All timestamps follow ISO 8601 UTC format and numeric values reflect exact telemetry captured at the probe level.
incident_opened
{
"event_type": "incident_opened",
"incident_id": "INC-8842-ALPHA",
"monitor_name": "checkout-api-prod",
"status": "investigating",
"triggered_at": "2024-03-15T14:22:01Z",
"details": {
"endpoint": "https://api.yourcompany.com/v2/checkout",
"response_code": 503,
"latency_ms": 1240,
"region": "us-east-1"
}
}incident_resolved
{
"event_type": "incident_resolved",
"incident_id": "INC-8842-ALPHA",
"monitor_name": "checkout-api-prod",
"status": "resolved",
"resolved_at": "2024-03-15T15:05:44Z",
"details": {
"downtime_duration_seconds": 2623,
"final_response_code": 200,
"auto_resolved": true,
"engineer_notes": "Cache flush restored connectivity"
}
}Signature Validation & Security
Protect your internal endpoints from spoofed requests. StatusPulse signs every payload using HMAC-SHA256 with your unique webhook secret. Validate the `X-StatusPulse-Signature` header before processing any data or triggering downstream automation.
HMAC Verification Flow
Extract the `X-StatusPulse-Signature` header from the incoming POST request. Generate a local HMAC-SHA256 digest using your webhook secret and the raw request body. Compare the computed hash against the header value using a constant-time comparison function. Reject the request immediately if the signatures do not match.
Secret Rotation & Network Controls
Rotate webhook secrets directly from the integration dashboard without service interruption. StatusPulse maintains a dual-signature window for 24 hours during rotation. For strict network policies, restrict inbound traffic to our static egress IPs: `104.21.45.112`, `172.67.188.94`, and `198.41.215.33`. TLS 1.2+ is enforced on all outbound connections.