Webhook Runbook Conceptual Overviews

Conceptual Overview

The example Webhook Runbook "Webhook Runbook - Simple Example" consists of the following elements:

  1. Step-1: Entry-point

    1. Runbook node Triggering Entity: Webhook links a Riverbed IQ Ops URL to a runbook automation. Linking the node to an automation enables the pass-thru of HTTP-request data and context from the calling entity for further processing.

  2. Step-2: Native Data-format

    1. Runbook node Variables: Set Primitive Variable parses data and context from the received HTTP-request and stores the data in runbook runtime-variables. Runbook runtime-variables are a native runbook data format which enables the data and context to flow through the Processing Logic.

  3. Step-3: Processing Logic consists of two separate parallel paths of execution.

    1. Path-C1: parses the supplied information out of the HTTPS-payload and captures/visualizes the information for the runbook execution in a table.

    2. Path-C2: processes the supplied information to discern the associated remediation action.

Refer to the diagram below for a visual overview of the runbook. You can download the example Webhook Runbook - Simple Example here.

Runbook Overview

The Webhook Runbook Example implementation was built using the following runbook Nodes from the palette:

  1. Entry-point

    1. A1: "SDA Alert" - use of runbook Node Triggering Entity: Webhook

      1. Label: SDA Alert

      2. Purpose: enables linking of a Riverbed IQ Ops URL to this runbook automation and provides for pass-thru of HTTP-request data and context from the calling entity for further processing.

  2. Native Data-format

    1. B1: "Store webhook payload" - use of runbook Node Variables: Set Primitive Variable

      1. Label: Store webhook payload

      2. Purpose: parses data and context from the received HTTP-request and stores the data and context in runbook runtime variables.

  3. Processing Logic: consists of two separate parallel paths of execution.

    1. Path-C1: parses the supplied information out of the HTTPS-payload and captures/visualizes the information for this runbook execution in a table.

      1. C1: "Get Alert Variables" - use of runbook Node Functions: Transform

        1. Label: Get Alert Variables

        2. Purpose: transforms specified Variables into a JSON format that can be processed by downstream nodes.

      2. D1: "Display Alert Summary" - use of runbook Node Visualizations: Table

        1. Label: Display Alert Summary

        2. Purpose: visualizes the supplied Variables (JSON) into a table.

    2. Path-C2: processes the supplied information to discern the associated remediation action (i.e. actionName).

      1. C2: "Set actionName" - use of runbook Node Variables: Set Primitive Variable

        1. Label: Set actionName

        2. Purpose: applies logic to map the supplied Alert to a recommended remediation (i.e. actionName).

      2. D2: "alert_name" - use of runbook Node Logic: Decision Branch

        1. Label: alert_name

        2. Purpose: determines whether the supplied Alert is known or unknown and directs the path of execution accordingly.

          1. Path-E2: If the Alert is Known, the runbook continues processing the Alert and associated Remediation.

            1. E2: "Get Alert Detail and Remediation Action" - use of runbook Node Functions: Transform

              1. Label: Get Alert Detail and Remediation Action

              2. Purpose: transforms specified Variables into a JSON format that can be processed by downstream nodes.

            2. F2: "Display Alert and Remediation Detail" - use of runbook Node Visualizations: Table

              1. Label: Display Alert and Remediation Detail

              2. Purpose: visualizes the supplied Variables (JSON) in a table.

          2. Path-E3: If the Alert is Unknown, the runbook stops further processing and logs the Unknown Alert.

            1. E3: "Display Unknown Alert" - use of runbook Node Visualizations: Text

              1. Label: Display Unknown Alert

              2. Purpose: logs the Unknown Alert in text.
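
The node sequence above, modeled in Python as an added example (not Riverbed's runbook or product code), treats the webhook body as untrusted input and sends anything outside a fixed alert list down Path-E3. The alert names, action names, and the `device` and `severity` fields are assumptions made for illustration; only `alert_name` and `actionName` appear on this page.

```python
import json

# Hypothetical alert-to-remediation map; the page does not list the real values.
KNOWN_ACTIONS = {"High CPU": "restart_service", "Disk Full": "clear_temp_files"}
# Assumed payload fields; only alert_name and actionName are named on the page.
FIELDS = ("alert_name", "device", "severity")


def store_webhook_payload(body: bytes) -> dict:
    """B1: parse the HTTP request body into runtime variables."""
    try:
        data = json.loads(body)
    except ValueError:  # malformed JSON or bad encoding
        data = {}
    if not isinstance(data, dict):
        data = {}
    # Keep only expected fields; anything that is not a string becomes "".
    return {k: data[k][:256] if isinstance(data.get(k), str) else "" for k in FIELDS}


def run_runbook(body: bytes) -> dict:
    """Walk B1, then Path-C1 and Path-C2, returning what each display node shows."""
    variables = store_webhook_payload(body)                    # B1
    summary = [dict(variables)]                                # C1 -> D1
    action = KNOWN_ACTIONS.get(variables["alert_name"])        # C2
    if action is not None:                                     # D2: known alert
        detail = [dict(variables, actionName=action)]          # E2 -> F2
        return {"summary": summary, "detail": detail, "unknown": None}
    note = f"Unknown alert: {variables['alert_name']!r}"       # E3
    return {"summary": summary, "detail": None, "unknown": note}


if __name__ == "__main__":
    # Constructed sample request bodies.
    for sample in (b'{"alert_name": "High CPU", "device": "rtr-01"}',
                   b'{"alert_name": "Fan Failure"}',
                   b"not json"):
        print(run_runbook(sample))
```

Malformed bodies and non-string `alert_name` values end up with an empty alert name, so they take the same Unknown branch as an unrecognized alert and never receive an `actionName`.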
