可以在 VMware Aria Operations for Logs 中設定 Webhook 伺服器。

程序

  1. 登入 VMware Aria Operations for Logs,然後從左窗格中的警示下選取 Webhook
  2. Webhook 頁面上,按一下新增 Webhook 以新增新的 Webhook。
  3. 輸入必要的詳細資料。
    名稱 VMware Aria Operations for Networks 捨棄的流量警示
    端點 自訂
    Webhook URL 從 Operations for Networks 新增來源頁面複製。例如,https://webhook_user:*****************@vrni-appliance/webhooks/loginsight/alert
    內容類型 JSON
    動作 POST
    Webhook 裝載
    {
    "AlertType": 1,
    "AlertName": "${AlertName}",
    "SearchPeriod": ${SearchPeriod},
    "HitOperator": ${NumHits},
    "messages": ${messages}
    }
    
    備註: 確保完全按上述方式新增 Webhook 裝載。
  4. 更新 /etc/hosts 檔案以將 VMware Aria Operations for Networks 與 Webhook 伺服器連線。
    備註: 您必須具有 sudo/root 權限才能更新 /etc/hosts 檔案。
    例如,
    ssh [email protected]
    VMware Aria Operations for Logs
    [email protected]'s password: 
    Last login: Tue Jun 14 03:31:14 UTC 2022 from 172.31.1.73 on pts/0
    Last login: Tue Jun 14 09:15:08 2022 from 172.31.1.46
    root@vRLI-8 [ ~ ]# cat /etc/hosts
    # Begin /etc/hosts (network card version)
    # End /etc/hosts (network card version)
    # VAMI_EDIT_BEGIN
    # Generated by Studio VAMI service. Do not modify manually.
    127.0.0.1   vRLI-8 localhost
    10.253.241.206 vrni-appliance
    ::1   vRLI-8 localhost ipv6-localhost ipv6-loopback
    # VAMI_EDIT_END
    root@vRLI-8 [ ~ ]#