Set up Webhooks
Once you have installed and licensed our SCOM Management Pack, you can continue with setting up Webhooks. Webhooks are an interesting destination type that provides a lot of flexibility. Due to their nature, it’s very difficult to provide an exhaustive set of setup instructions and requirements. However, our Webhooks notification connections should work with any webhook that accepts unauthenticated POST calls with JSON body. We have a few different examples below that should help you get started!
Sample Raw Content
The following gives an example of the content that can be posted to a webhook
Basic
{
"alertid": "58615241-8fa2-444b-bfca-65b9b417b092",
"description": "Cluster IP address resource 'Cluster IP Address' failed to renew the lease for IP address '192.0.2.10'. Ensure that the DHCP server is accessible and properly configured to renew the lease on this IP address.\n",
"monitoringobjectname": null,
"name": "Cluster IP address resource encountered an error with a leased address"
}
Detailed
{
"alertid": "58615241-8fa2-444b-bfca-65b9b417b092",
"category": "Alert",
"context": {
"DataItem": {
"@type": "Microsoft.Windows.EventData",
"@time": "2021-07-05T14:38:48.9740697+00:00",
"@sourceHealthServiceId": "AC8931A4-BE4A-D3CE-1A5F-029635A4382C",
"EventOriginId": "{4C3E08FD-C399-4261-B460-3072E8FF1591}",
"PublisherId": "{BAF908EA-3421-4CA9-9B84-6689B8C6F85F}",
"PublisherName": "Microsoft-Windows-FailoverClustering",
"EventSourceName": "Microsoft-Windows-FailoverClustering",
"Channel": "System",
"LoggingComputer": "Hostname.Domain.TLD",
"EventNumber": "1245",
"EventCategory": "20",
"EventLevel": "1",
"UserName": "NT AUTHORITY\\SYSTEM",
"RawDescription": {
"#cdata-section": "Cluster IP address resource '%1' failed to renew the lease for IP address '%2'. Ensure that the DHCP server is accessible and properly configured to renew the lease on this IP address.\r\n"
},
"LCID": "1033",
"CollectDescription": {
"@Type": "Boolean",
"#text": "true"
},
"Params": {
"Param": [
"Cluster IP Address",
"192.0.2.10",
"4",
"-"
]
},
"EventData": {
"DataItem": {
"@type": "System.XmlData",
"@time": "2021-07-05T14:38:48.9740697+00:00",
"@sourceHealthServiceId": "AC8931A4-BE4A-D3CE-1A5F-029635A4382C",
"EventData": {
"@xmlns": "http://schemas.microsoft.com/win/2004/08/events/event",
"Data": [
{
"@Name": "ResourceName",
"#text": "Cluster IP Address"
},
{
"@Name": "IPAddress",
"#text": "192.0.2.10"
},
{
"@Name": "BinaryParameterLength",
"#text": "4"
},
{
"@Name": "BinaryData",
"#text": "CA140000"
}
]
}
}
},
"EventDisplayNumber": "1245",
"EventDescription": {
"#cdata-section": "Cluster IP address resource 'Cluster IP Address' failed to renew the lease for IP address '192.0.2.10'. Ensure that the DHCP server is accessible and properly configured to renew the lease on this IP address.\r\n"
},
"CorrelationActivityId": "{939A6A7F-9881-41A4-A966-3E45457E93F8}",
"CorrelationRelatedActivityId": "{939A6A7F-9881-41A4-A966-3E45457E93F8}",
"Keywords": "-9223372036854775808",
"ProcessId": "4200",
"ThreadId": "2964"
}
},
"customfield1": "Service Desk",
"customfield10": null,
"customfield2": null,
"customfield3": null,
"customfield4": "New",
"customfield5": null,
"customfield6": null,
"customfield7": null,
"customfield8": null,
"customfield9": null,
"description": "Cluster IP address resource 'Cluster IP Address' failed to renew the lease for IP address '192.0.2.10'. Ensure that the DHCP server is accessible and properly configured to renew the lease on this IP address.\n",
"ismonitoralert": "False",
"lastmodified": "07-07-2021 10:04:18 UTC",
"managementgroup": "SCOM_PRD",
"managementpackdisplayname": "Windows Server 2016 and 1709+ Cluster Management Monitoring",
"managementpackname": "Microsoft.Windows.2016.Cluster.Management.Monitoring",
"monitoringobjectdisplayname": "Cluster Service",
"monitoringobjectfullname": "Microsoft.Windows.Cluster.Service:Hostname.Domain.TLD",
"monitoringobjectid": "4d4024df-70df-07e5-afaa-e994e6f56499",
"monitoringobjectinmaintenancemode": "False",
"monitoringobjectname": null,
"monitoringobjectparentids": "4d4024df-70df-07e5-afaa-e994e6f56499, 1de13bda-68f5-1fd2-a214-e46502032bf6, 4de8b287-2b66-4615-9364-162d447812b9, ecb89faf-90ed-dc85-aaec-a8911320cb65, 1d62280e-f437-1369-316b-1e8659500e9a, e95d667a-a9ff-73e4-bab5-30320918ee0e, 1cda808e-5b0e-d25e-5275-3c8b136d62ed, 603c9394-cbf5-a5d1-be77-45c0d6755902, 6aae6166-5693-98bb-7a34-4e8ab3030636, 6f7e3306-beeb-2996-3795-7c1eafb925b8, d706f0fd-61f1-4a87-277a-928ddb1a76b6, 8da8ac08-eb10-6564-6a71-ab483f40500d, eee94a5c-247b-2da4-aba2-c820e6f754dc, 248ca7e0-68be-12fb-4f72-161d4362cbf2",
"monitoringobjectparentnames": ", Cluster Service, Hostname.Domain.TLD, Cluster01, Windows Clusters, Windows Server Computer Group, Windows Server 2016 and 1709+ Computer Group, Operations Manager Agent Managed Computer Group, IIS Computer Group, Windows Server Instances Group, All Windows Computers, IIS 10 Computer Group, Windows Server 2016 and 1709+ Computer Group (Core), Kingston Store Servers, All Stores",
"monitoringobjectpath": "Hostname.Domain.TLD",
"name": "Cluster IP address resource encountered an error with a leased address",
"netbioscomputername": "Hostname",
"owner": null,
"parameters": [
"Cluster IP address resource 'Cluster IP Address' failed to renew the lease for IP address '192.0.2.10'. Ensure that the DHCP server is accessible and properly configured to renew the lease on this IP address.\n"
],
"principalname": "Hostname.Domain.TLD",
"priority": "Normal",
"repeatcount": "0",
"resolutionstate": "0",
"resolutionstatename": "New",
"severity": "Warning",
"sitename": null,
"timeraised": "05-07-2021 14:39:12 UTC",
"timeresolved": null,
"workflowdisplayname": "Cluster IP address resource encountered an error with a leased address",
"workflowname": "Microsoft.Windows.10.0.Cluster.Management.Monitoring.Cluster.IP.address.resource.encountered.an.error.with.a.leased.address"
}
Webhook.site
Webhook.site is a basic webhook test site. This does not need configuration as such, when you navigate to the site you will be generated a webhook which you can provide to Connection Center. Any notification you send through will be displayed in its entirety. It is a great place to quickly test out the feature. However, it is something you should do carefully as this is a public endpoint.
Microsoft has some further detail on how to use this in their documentation here.
Azure Logic Apps
Azure Logic Apps are a cloud-based workflow solution and are an easy but powerful way to use webhooks. You can find the official Microsoft Documentation on their docs site here and a portal-based quickstart guide here.
For Connection Center purposes you will need to start with an HTTP request trigger:
Which will then take you to the Logic App Designer page and show you your trigger:
Save the Logic App to generate a URL for use with Connection Center. Copy this URL and if you are not the SCOM admin please pass this to them.
From here you can build out your logic app adding steps as required to implement your desired functionality.
(Video) Connection Center for Webhooks Intro
Join Bruce for a demonstration of how to use Logic Apps to implement a VM restart workflow.
Further Reading and Next Steps
If you are not the SCOM admin then chances are your next steps will be around configuring your destination and implementing the required functionality. If so your work here is probably done.
If you are the SCOM administrator then your next step would be to move on to setting up Outbound Notification Connections with a focus on Outbound Notifications for Webhooks.