Notifications Engine
Our notifications engine allows you to send alerts via webhook to your preferred endpoints, with the option to push alerts to an AWS S3 bucket for integration with your monitoring and SIEM systems. Follow these steps to enable it:
Supported Notification Methods
c/side supports three types of Notification Alert Methods:
- Webhook notifications: Allows for alerts to be sent seamlessly to endpoints like Slack and Discord.
- AWS S3 Bucket uploads: Hourly .csv file uploads to your S3 bucket, which can be ingested into platforms like Datadog, Splunk and SIEM systems.
- Email notifications: Automated emails sent to team users, along with optional mail forwarding to specific email addresses outside of the team.
Setup Instructions
1. Access Notification Endpoint settings
- Click on domains along the left-hand side of the dashboard
- Open the dropdown settings for your chosen domain
- Click on Notifications Endpoints
2. Choose Your Notifications Method
Using webhooks
Follow the prompts to input your endpoint URL, choose your format (JSON, Slack or Discord) and generate your secret key:
To authenticate webhook requests, compute your own HMAC of the incoming request body using this secret key and compare the result to the x-cside-signature header value.
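One way to implement the signature check described above, as an added example rather than c/side's own code. The page does not name the hash function or encoding, so HMAC-SHA256 with a hex-encoded digest is an assumption here, and the secret and payload are constructed sample values.

```python
import hashlib
import hmac
import json

# Assumptions (not stated on this page): the signature is HMAC-SHA256 over
# the raw request body, hex-encoded. Confirm both before relying on this.
SIGNATURE_HEADER = "x-cside-signature"  # header name given on the page


def compute_signature(secret: str, raw_body: bytes) -> str:
    """Hex HMAC-SHA256 of the body bytes exactly as they arrived on the wire."""
    return hmac.new(secret.encode("utf-8"), raw_body, hashlib.sha256).hexdigest()


def verify_webhook(secret: str, headers: dict, raw_body: bytes) -> bool:
    """Return True only if the header matches the HMAC of the received bytes."""
    # HTTP header names are case-insensitive; normalise before lookup.
    lowered = {k.lower(): v for k, v in headers.items()}
    received = lowered.get(SIGNATURE_HEADER)
    if not received:
        return False  # unsigned request: reject instead of processing it
    expected = compute_signature(secret, raw_body)
    # compare_digest is constant-time, so response timing does not reveal
    # how many leading characters of a guessed signature were correct.
    return hmac.compare_digest(expected.encode(), received.strip().lower().encode())


# Constructed sample data (not a real c/side payload or secret).
SAMPLE_SECRET = "example-secret-key"
SAMPLE_BODY = b'{"alert": "constructed example", "domain": "example.com"}'


def demo() -> dict:
    signed = {"X-Cside-Signature": compute_signature(SAMPLE_SECRET, SAMPLE_BODY)}
    # Parsing and re-serialising JSON changes the bytes, so verification must
    # run on the raw body before any framework decodes it.
    reserialized = json.dumps(json.loads(SAMPLE_BODY), indent=2).encode()
    return {
        "valid": verify_webhook(SAMPLE_SECRET, signed, SAMPLE_BODY),
        "tampered": verify_webhook(SAMPLE_SECRET, signed, SAMPLE_BODY + b" "),
        "reserialized": verify_webhook(SAMPLE_SECRET, signed, reserialized),
        "missing_header": verify_webhook(SAMPLE_SECRET, {}, SAMPLE_BODY),
        "wrong_secret": verify_webhook("other-secret", signed, SAMPLE_BODY),
    }


if __name__ == "__main__":
    print(demo())
```

Call `verify_webhook` with the unparsed body bytes from your web framework and return an error status when it yields False.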
Using AWS S3 Buckets
Follow the prompts and input your S3 bucket information (S3 Bucket Name, Region and path if applicable):
You will be presented with a JSON object like the one below with the resource path updated. Apply this to your S3 bucket settings to start ingesting alerts from your domains.
3. Start receiving notifications
Webhook alerts will be sent in the following format, while CSV files uploaded to AWS S3 buckets will contain the same information in a column format.
Email Notifications
Email notifications will still be enabled by default, and mail forwarding rules can be added under the 'Forwarded Notification Emails' section just below the endpoint settings. This allows you to specify other email addresses that should receive alerts, such as the address of a ticketing or SIEM system.