Investigations Events
Events related to Investigations that will trigger webhooks
Alloy uses webhooks to notify you every time a significant event occurs during your Investigation. Configure your listener to receive these status updates and automatically trigger reactions.
Webhooks can be configured on the Settings page.
Investigation Creation
create:investigationevents:investigation_event_type_id
Get notified if a new investigation is created — either manually or automatically via evaluation.
Response
{
"request_token": ":request_token" ,
"timestamp": 1724694191647,
"type": "create: investigationevents:investigation_event_type_id",
"description": "Notify on Investigation creation",
"data": {
"status_changed_at": 1724694191540,
"status": "created",
"agent": null,
"investigation_token": ":investigation_token" ,
"alert_tokens": [
":alert_token"
],
"entity_tokens": [
":entity_token"
]
}
}
Investigation Status Update
update:investigationevents:investigation_event_type_id
Get notified when a investigation's status is updated..
Promoted to case
Response
{
"request_token": ":request_token",
"timestamp": 1724696341237,
"type": "update:investigationevents:investigation_event_type_id",
"description": "Notify on Investigation status change",
"data": {
"status_changed_at": 1724696340562,
"status": "promoted_to_case",
"agent": ":agent_email",
"investigation_token": ":investigation_token" ,
"alert_tokens": [
":journey_alert_token"
],
"entity_tokens": [
":entity_token"
]
}
}
Investigation closed
Response
{
"request_token": "50ab5848-a101-4ed7-b121-b5ae11f8b528" ,
"timestamp": 1724698766122,
"type": "update:investigationevents:investigation_event_type_id",
"description": "Notify on Investigation status change",
"data": {
"status_changed_at": 1724698765964,
"status": "closed",
"agent": ":agent_email",
"investigation_token": ":investigation_token",
"alert_tokens": [
":journey_alert_token"
],
"entity_tokens": [
":entity_token"
]
}
}
Updated 9 months ago