Integrate Prisma Cloud with Webhooks

Learn how to integrate Prisma™ Cloud with webhooks to see alerts in your service or application.
Integrate Prisma™ Cloud with webhooks to send Prisma Cloud alerts to webhooks and pass information to any third-party integrations that are not natively supported on Prisma Cloud. Your incident response teams can monitor the webhook channels to investigate and remediate security incidents. With a webhook integration, you can configure Prisma Cloud to send information to the webhook as an HTTP POST request as soon as an alert is generated. You can also modify the key format and value associated in the alert payload. If you have internal services or applications that subscribe to the webhook, these subscribing clients receive the alert data in a JSON format.
  1. Obtain your
    Webhook URL
    If you have additional details that you want to include in the payload to enable additional security or to verify the authenticity of the request, you can include these as key-value pairs in a custom header.
  2. Set up webhooks as an integration channel on Prisma Cloud.
    If you have a firewall or cloud Network Security Group between the internet and webhooks, you need to ensure network reachability and Enable Access to the Prisma Cloud Console.
    1. Log in to Prisma Cloud and select
    2. Add Integration
    3. Enter
      Integration Name
      and your
      Webhook URL
      You can also provide a
      of the integration for your records.
    4. Learn about your customization options.
      • Add custom
        HTTP Headers
        as key-value pairs.
        You can include an authentication token in the custom header. The integration includes Content-Type as a default header and you cannot edit it.
      • Use the JSON editor to modify the JSON data in the alert payload.
        You can review the existing payload and modify the key and value pairs to suit the implementation needs for the subscribing webhook client. The JSON editor includes the reference vocabulary for a brief description of each key.
        1. Enable
          Custom Payload
        2. Click
          to review the custom payload format.
          The alert payload information including the key and the value is displayed onscreen. You can revise the payload to meet your integration needs.
    5. Select
      to review the integration summary.
    6. Test
      Save Integration
      After you set up the integration successfully, you can use the Get Status link in
      to periodically check the integration status.
  3. Modify an existing alert rule or create a new alert rule to send alert notifications to webhook. (See Send Prisma Cloud Alert Notifications to Third-Party Tools.)
  4. View the alert POST requests on Webhook.

Recommended For You