The webhook command group manages outbound webhooks. When an InfraAudit event occurs — such as a drift finding or a new alert — InfraAudit sends an HTTP POST to each registered webhook URL. Use these commands to register, test, and remove webhooks.
webhook list
List all registered webhooks:
Example output:
ID NAME URL EVENTS STATUS
-- ---- --- ------ ------
1 Slack Alerts https://hooks.slack.com/services/... drift.detected,alert.created active
2 PagerDuty https://events.pagerduty.com/... alert.created active
webhook create
Register a new webhook endpoint.
Synopsis:
infraudit webhook create [flags]
| Flag | Description |
|---|
--url | Destination URL that receives the HTTP POST |
--events | Comma-separated list of event types to subscribe to |
--name | Display name for the webhook |
--secret | Signing secret for HMAC payload verification |
infraudit webhook create \
--name "Slack Alerts" \
--url https://hooks.slack.com/services/... \
--events drift.detected,alert.created
infraudit webhook events.
webhook get
Show details for a specific webhook, including its URL, subscribed events, and delivery statistics:
Synopsis:
infraudit webhook get <webhook-id>
webhook delete
Remove a registered webhook:
Synopsis:
infraudit webhook delete <webhook-id>
infraudit webhook delete 1
webhook test
Send a test payload to a webhook endpoint to verify it is reachable and processing events correctly:
Synopsis:
infraudit webhook test <webhook-id>
webhook events
List all available event types that you can subscribe to:
Example event types:
| Event | Description |
|---|
drift.detected | New drift finding created |
alert.created | New alert triggered |
vulnerability.found | New vulnerability finding |
compliance.failed | Compliance control failed |
remediation.completed | Remediation action executed |
Webhook payloads include an HMAC signature in the X-InfraAudit-Signature header when you provide a --secret. Verify this signature in your endpoint to reject forged requests.