Generic Webhooks
Send database audit alerts to any HTTP endpoint with customizable payloads, authentication, and headers. Build custom integrations with your existing tools and workflows.
Custom Payloads
Use Handlebars templates to format alert data exactly how your endpoint expects it.
Multiple Auth Methods
Support for Basic, Bearer, API Key, and HMAC signature authentication.
Automatic Retries
Exponential backoff retries ensure reliable delivery even when endpoints are temporarily unavailable.
Configuration Reference
1 Connection Settings
| Field | Type | Required | Default | Description |
|---|---|---|---|---|
| name | string | Yes | - | A unique name for this alert destination (e.g., "custom-webhook") |
| provider | select | Yes | webhook | Alert provider - select "Webhook" |
| enabled | boolean | No | true | Enable or disable alert delivery |
| url | string | Yes | - | Webhook endpoint URL (HTTPS recommended) |
| method | select | No | POST | HTTP method: POST, PUT, or PATCH |
2 Authentication Settings
| Field | Type | Required | Default | Description |
|---|---|---|---|---|
| auth_type | select | No | none | Authentication type: none, basic, bearer, api_key, hmac |
| auth_username | string | No | - | Username for basic authentication |
| auth_password | password | No | - | Password for basic authentication |
| auth_token | password | No | - | Bearer token for token authentication |
| api_key_header | string | No | X-API-Key | Header name for API key authentication |
| api_key_value | password | No | - | API key value |
| hmac_secret | password | No | - | Secret key for HMAC signature generation |
| hmac_header | string | No | X-Signature | Header name for HMAC signature |
| hmac_algorithm | select | No | sha256 | HMAC algorithm: sha256, sha384, sha512 |
3 Header Settings
| Field | Type | Required | Default | Description |
|---|---|---|---|---|
| content_type | select | No | application/json | Content-Type header: application/json, application/x-www-form-urlencoded |
| custom_headers | object | No | - | Additional HTTP headers as key-value pairs |
4 Payload Settings
| Field | Type | Required | Default | Description |
|---|---|---|---|---|
| payload_format | select | No | default | Payload format: default (DB Audit format), custom (template) |
| payload_template | text | No | - | Custom payload template using Handlebars syntax |
| include_raw_event | boolean | No | false | Include the raw event data in the payload |
5 Alert Filtering
| Field | Type | Required | Default | Description |
|---|---|---|---|---|
| severity_filter | multiselect | No | all | Alert severities to send: critical, high, medium, low, info |
| alert_types | multiselect | No | all | Alert types: policy_violation, anomaly_detection, threshold_breach, classification_alert |
| database_filter | array | No | - | Limit to specific databases (empty = all databases) |
6 Delivery Settings
| Field | Type | Required | Default | Description |
|---|---|---|---|---|
| rate_limit | number | No | 60 | Maximum alerts per minute (1-100) |
| timeout_seconds | number | No | 30 | Request timeout in seconds (5-120) |
| retry_attempts | number | No | 3 | Number of retry attempts on failure |
| retry_delay_seconds | number | No | 5 | Delay between retry attempts |
| success_codes | array | No | 200,201,202,204 | HTTP status codes considered successful |
Authentication Methods
None
No authentication. Only use for endpoints with network-level security.
No headers added Basic Auth
HTTP Basic authentication with username and password.
Authorization: Basic base64(user:pass) Bearer Token
Token-based authentication commonly used with OAuth.
Authorization: Bearer token API Key
API key in a custom header (default: X-API-Key).
X-API-Key: your-api-key HMAC Signature
Cryptographic signature for payload verification.
X-Signature: hmac-sha256(payload) Setup Instructions
1
Create Your Webhook Endpoint
Set up an HTTP endpoint to receive alert data from DB Audit.
- Use HTTPS for secure communication
- Return 2xx status code on success
- Respond within the configured timeout
- Implement idempotency using
alert_id
2
Test Your Endpoint
Verify your endpoint works with sample data.
# Test your webhook endpoint with curl
curl -X POST https://your-endpoint.com/webhook \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_TOKEN" \
-d '{
"alert_id": "test_123",
"type": "policy_violation",
"severity": "high",
"title": "Test Alert from DB Audit"
}'
3
Configure in DB Audit
Add the webhook destination in the DB Audit dashboard.
- Navigate to Settings → Alert Destinations in DB Audit
- Click Add Destination
- Select Webhook as the provider
- Enter your endpoint URL
- Configure authentication if needed
- Customize the payload format (optional)
- Test the connection and save
4
Implement Signature Verification (Recommended)
Verify webhook signatures to ensure alerts are from DB Audit.
// Verify HMAC signature in your webhook handler (Node.js example)
const crypto = require('crypto');
function verifyWebhook(payload, signature, secret) {
const expectedSignature = crypto
.createHmac('sha256', secret)
.update(payload)
.digest('hex');
return crypto.timingSafeEqual(
Buffer.from(signature),
Buffer.from(expectedSignature)
);
}
// Express.js middleware
app.post('/webhook', express.raw({ type: 'application/json' }), (req, res) => {
const signature = req.headers['x-signature'];
const payload = req.body.toString();
if (!verifyWebhook(payload, signature, process.env.WEBHOOK_SECRET)) {
return res.status(401).json({ error: 'Invalid signature' });
}
const alert = JSON.parse(payload);
// Process the alert...
res.status(200).json({ received: true });
});
Payload Formats
Default Payload Format
The standard DB Audit alert format with full event details.
{
"alert_id": "alert_abc123xyz",
"timestamp": "2024-01-15T10:30:45.123Z",
"type": "policy_violation",
"severity": "high",
"title": "Bulk Data Access Detected",
"description": "User accessed more than 10,000 rows in a single query",
"source": {
"database": "production-postgres",
"db_type": "postgresql",
"host": "db.example.com",
"port": 5432
},
"actor": {
"user": "app_user",
"client_ip": "10.0.1.50",
"application": "backend-api"
},
"event": {
"query_type": "SELECT",
"object": "public.customers",
"rows_affected": 15000,
"duration_ms": 2500
},
"policy": {
"id": "policy_bulk_access",
"name": "Bulk Data Access Policy"
},
"links": {
"dashboard": "https://app.dbaudit.ai/alerts/alert_abc123xyz"
}
}
Custom Template (Handlebars)
Use Handlebars syntax to create custom payload structures.
// Custom payload template using Handlebars syntax
{
"incident": {
"title": "{{title}}",
"description": "{{description}}",
"severity": "{{#if (eq severity 'critical')}}P1{{else if (eq severity 'high')}}P2{{else}}P3{{/if}}",
"source": "dbaudit",
"tags": [
"database:{{source.database}}",
"user:{{actor.user}}",
"type:{{type}}"
],
"custom_fields": {
"database_host": "{{source.host}}",
"client_ip": "{{actor.client_ip}}",
"rows_affected": {{event.rows_affected}},
"policy_violated": "{{policy.name}}"
}
},
"metadata": {
"alert_id": "{{alert_id}}",
"link": "{{links.dashboard}}"
}
}
Testing Your Integration
Test via Dashboard
- Go to Settings → Alert Destinations
- Find your webhook destination
- Click the Test button
- Check your endpoint logs for the test payload
- Verify the response was successful
Test via API
curl -X POST \
https://api.dbaudit.ai/v1/alerts/test \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{"destination_id": "dest_abc123"}'
Troubleshooting
Connection timeout
The endpoint is not responding within the timeout period.
- Increase the
timeout_secondssetting - Check if the endpoint is behind a slow firewall or proxy
- Verify the endpoint is publicly accessible from the internet
Authentication failed (401/403)
The authentication credentials are invalid or expired.
- Verify the auth credentials are correct
- Check if API keys or tokens have expired
- Ensure the Authorization header format is correct
Invalid payload (400)
The endpoint rejected the payload format.
- Check if custom template has syntax errors
- Verify the Content-Type header matches expected format
- Test the payload manually with curl
HMAC signature mismatch
The signature verification is failing on your endpoint.
- Ensure you're using the raw request body for verification
- Check the HMAC algorithm matches (sha256, sha384, sha512)
- Verify the secret key is identical on both sides
SSL certificate error
The SSL certificate on the endpoint is invalid.
- Ensure the certificate is valid and not expired
- Verify the certificate chain is complete
- Use a trusted certificate authority
Ready to Build Custom Integrations?
Start sending database security alerts to your custom endpoints in minutes.