When you write the body of your custom webhook, you can include static or dynamic key/value pairs.

The “root” object is notification, but it should not be referenced in the template. For example, to access the notification ID, use {{ id }} as the expression.

Variables Included

The following variables are generic versions of concepts that might be called by other names depending on the alert type. For example, if the alerts are Cloud and Enterprise Agent alerts, details could refer to location alerts. If the alerts are BGP alerts, details might refer to monitors. Similarly, targets might refer to a URL or to a BGP prefix, for HTTP alerts or BGP alerts, respectively.

Note: agent, device, and outage alerts do not currently use targets.

Collections

Use a helper function, such as each, to iterate over collections of elements. The section headers below are the names of collections you can iterate over. The elements of each collection are listed in the tables in each section. Find example syntax in the Add Custom Webhook Integration interface by selecting the Generic preset.

Use syntax such as the following to iterate over the collection instance:

"test": {
            "name": "{{alert.test.name}}",
            "labels": [
                {{#each alert.test.labels}}
                    "{{name}}"{{#unless @last}}, {{/unless}}
                {{/each}}
            ]

When the collection has exactly one element, you can use syntax such as the following:

{{#if alert.targets.size}} 
  "targets": "{{#each alert.targets}}{{description}}{{#unless @last}}, {{/unless}}{{/each}}" 
{{/if}}

This will cause the targetName field to be populated correctly when there is one target on the alert, but avoids any errors if there are zero targets or more than one target on the alert.

Also note that all enumerations can be referenced by their ID, rather than their name. For example, the notification type can be referenced by 1 (for cleared notifications) or 2 (for triggered notifications), rather than the string “CLEAR” or “TRIGGER”, respectively. The advantage of doing this is that these underlying IDs will not change, whereas their names may change over time.

alert.details

alert.targets

alert.test.labels

Agent Notifications

These variables are only available to Agent Notifications:

Device Test

These variables are only available for Device Test alerts:

Device Notifications

These variables are only available for Device Notifications:

Linking to the Alerts List

Linking back to the ThousandEyes alerts list can be helpful for users who receive alert notifications. To provide a link in your webhook, navigate to Integrations. Select the Custom Webhook you'd like to edit. Scroll to the "Body" field and add the following url to the appropriate attribute:

https://app.thousandeyes.com/alerts/list/?__a={{alert.rule.account.id}}&alertId={{alert.id}}

Here is an example of adding the alerts list url to the text attribute of the default Slack template:

"text": "*Alert ID*: {{alert.id}}{{#if alert.test}}\n*Test Name*: {{alert.test.name}}\n*Target/s*: {{#each alert.targets}}{{description}}{{#unless @last}}, {{/unless}}{{/each}}{{/if}}\n*Alert Rule*: {{alert.rule.name}} - {{formatExpression alert.rule.expression}}{{#if alert.details}}\n*Details*: {{alert.details.size}}{{/if}}\n*Link*: https://app.thousandeyes.com/alerts/list/?__a={{alert.rule.account.id}}&alertId={{alert.id}}",

Helper Functions

The following helper functions are available to assist in templating. For a short tutorial on helper functions in the Handlebars framework, see the Handlebars guide.

• and

• each

• eq

• formatDate

• formatExpression

• gt

• gte

• if

• lt

• lte

• minus

• neq

• not

• or

• plus

• unless

• with

The helper functions formatDate and formatExpression are custom-built for alert notifications. The first takes a time variable such as alert.firstSeen and formats it into “YYYY-MM-DD HH:MM:SS Z” format, where Z is a timezone. The default timezone is UTC. You can use your organization’s timezone with the expression {{ formatDate alert.firstSeen alert.rule.account.organization.timezone }}, or you can hardcode a timezone like this:

{{ formatDate alert.firstSeen “America/Los_Angeles” }}

or

{{ formatDate alert.firstSeen “PST” }}

The formatExpression helper function converts a machine-readable alert rule expression such as ((responseTime > 100ms)) and translates it into a more human-readable format, such as Response Time > 100ms.

The plus helper function allows you to easily add two numeric values within your webhook payload. It's particularly useful for scenarios where you need to adjust numerical data, like aggregating totals or incrementing counters. For example, {{plus variable1 variable2}} would result in the sum of variable1 and variable2.

The minus helper function enables you to subtract one numeric value from another in your webhook payload. This is ideal for calculating differences, such as finding the delta in performance metrics. For example, use {{minus variable1 variable2}} to get the difference between variable1 and variable2.

Note: the data type of the variables will indicate the data type of the plus/minus result:

• int + int/int - int = int

• int + float/int - float = float