External Event Detection¶

External event detection is used to receive anomaly records generated by third-party systems and produce related events. Through the standard Webhook address in the detection rules, it generates corresponding monitoring event data, alert strategies, and visual dashboards in TrueWatch.

Use Cases¶

Abnormal events or records generated by third-party systems are sent to an HTTP server via a POST request to a specified URL, generating event data for TrueWatch.

Default Configuration¶

1. Monitor Name: Supports custom names

2. Webhook Address: A Webhook address is generated by default when entering the creation page, and you can customize additional parameters to mark the purpose of the address.

External event data is proactively reported to the TrueWatch center by third-party systems, providing necessary event data. Only after detecting and matching the corresponding fields can events be generated, and alerts triggered upon abnormal records.

The required fields are shown in the following example: The five major fields under event must be included to successfully match with TrueWatch; extra_data is a field for custom additions:

{
    "event": {
        "status": "warning",
        "title": "External Event Monitor Test 1",
        "message": "Hello, this is the message from the external event monitor",
        "dimension_tags": {"heros": "jane doe"},
        "check_value": 20
    },
    "extraData": {
        "name": "xxxxxxxx"
    }
}

For more details, refer to External Event Monitor Event Reception.