External Event Detection¶
External event detection is used to receive anomaly records generated by third-party systems and produce related events. Through the standard Webhook address in the detection rules, it generates corresponding monitoring event data, alert strategies, and visual dashboards in Guance.
Use Cases¶
Abnormal events or records generated by third-party systems are sent to an HTTP server via a POST request to a specified URL, generating event data for Guance.
Default Configuration¶
-
Monitor Name: Supports custom names
-
Webhook Address: A Webhook address is generated by default when entering the creation page, and you can customize additional parameters to mark the purpose of the address.
External event data is proactively reported to the Guance center by third-party systems, providing necessary event data. Only after detecting and matching the corresponding fields can events be generated, and alerts triggered upon abnormal records.
The required fields are shown in the following example: The five major fields under event
must be included to successfully match with Guance; extra_data
is a field for custom additions:
{
"event": {
"status": "warning",
"title": "External Event Monitor Test 1",
"message": "Hello, this is the message from the external event monitor",
"dimension_tags": {"heros": "caiwenji"},
"check_value": 20
},
"extraData": {
"name": "xxxxxxxx"
}
}
For more details, refer to External Event Monitor Event Reception.