可以在 VMware Aria Operations for Logs 中配置 Webhook 服务器。
过程
- 登录到 VMware Aria Operations for Logs,然后从左侧窗格中的警示下选择 Webhook。
- 在 Webhook 页面上,单击新建 Webhook 以添加新的 Webhook。
- 输入所需的详细信息。
名称 VMware Aria Operations for Networks 丢弃的流警示 端点 自定义 Webhook URL 从 Operations for Networks 添加源页面复制。例如,https://webhook_user:*****************@vrni-appliance/webhooks/loginsight/alert 内容类型 JSON 操作 Post Webhook 负载 { "AlertType": 1, "AlertName": "${AlertName}", "SearchPeriod": ${SearchPeriod}, "HitOperator": ${NumHits}, "messages": ${messages} }
注: 确保完全按上述方式添加 Webhook 负载。 - 更新 /etc/hosts 文件以将 VMware Aria Operations for Networks 与 Webhook 服务器连接。
注: 您必须具有 sudo/root 权限才能更新 /etc/hosts 文件。例如,
ssh [email protected] VMware Aria Operations for Logs [email protected]'s password: Last login: Tue Jun 14 03:31:14 UTC 2022 from 172.31.1.73 on pts/0 Last login: Tue Jun 14 09:15:08 2022 from 172.31.1.46 root@vRLI-8 [ ~ ]# cat /etc/hosts # Begin /etc/hosts (network card version) # End /etc/hosts (network card version) # VAMI_EDIT_BEGIN # Generated by Studio VAMI service. Do not modify manually. 127.0.0.1 vRLI-8 localhost 10.253.241.206 vrni-appliance ::1 vRLI-8 localhost ipv6-localhost ipv6-loopback # VAMI_EDIT_END root@vRLI-8 [ ~ ]#