How to pass custom event dimension to webhook payload?

How to pass custom event dimension to webhook payload?

We have a custom event to count number of open files in ASG memeber EC2 instances.

I can see instance ID as entityKey of the event and trying to pass value of entityKey when it matches the condition of the alert to pass it to AWS Event Bridge endpoint.

How can I pass entityKey dimension of this custom event to webhook payload, when it matches alert condition?

Hi, @bmarandi: It is not possible to pass custom data to webhook payloads, but you can pass custom data to violation descriptions: Alert custom violation descriptions | New Relic Documentation.

Is it possible to pass this violation description to webhook?

like this webhook payload:
{
“entityKey”: “{{tag.entityKey}}”
}

If yes, is there a documentation how to set this?

I can see tags like {{tag.entityName}} in document you mentioned but couldn’t find {{tag.entiryKey}}. Is {{tag.entity.Key}} an option?

I do not think it is possible to pass custom a violation description to a webhook. The available tags are based on FACETs in your NRQL alert condition. If your NRQL condition includes a FACET on entityKey, then you can use {{tag.entityKey}} in your custom violation description.

NRQL for alert condition is:

SELECT max(AppOpenFD) FROM AppOpenFDSample FACET entityKey

so tag.entityKey should be available to use in custom violation description.

But again, if it is not possible to pass custom violation description to webhook, then this is useless.

Maybe my approach is not correct.

Basically, I am monitoring number of open files on ASG member EC2 instances and I want to trigger a webhook if certain condition applies - let’s say number of open files in x minutes bigger than 10k - and pass instance ID of the EC2 instance that met the condition to AWS Event Bridge endpoint.

Based on this blog post:

I am trying to implement something like this:

  • Number of Open Files Event (With EC2 instance ID as entityKey) >
  • Policy with alert condition: query result bigger than 10k for at least 5 mins [query = ‘SELECT max(AppOpenFD) FROM AppOpenFDSample FACET entityKey’] >
  • Same policy’s Notification channel set to Webhook with Event Bridge endpoint and eventKey of the instance that met the condition as payload.

@philweber you mentioned that it is not possible to pass custom payload to webhook. So how can I implement above solution to notify Event Bridge with a payload including entityKey (Instnace ID)?

I don’t know if you can.