Proactive System Monitoring with VGS Notifications

January 12, 2022
Proactive System Monitoring with VGS Notifications

We’re excited to announce the launch of VGS Notifications to proactively inform customers about events in their live integration with VGS. The first delivery method we offer is via webhooks, which is one of the fastest ways to track events.

VGS Notifications Webhooks

Webhooks are useful when you want to run business logic in your application based on an event happening in another system. This is especially true when your company’s data security and PCI controls rely on that system.

VGS provides webhooks to notify you of crucial events, including:

  • Monitoring: upstream error occurrences; failed reveals
  • Audit: changes to your routes, e.g., creation, deletion, and update; creation of vault
  • IAM: user activity, e.g., user login, password update, MFA update, and permission update
  • Payments: card update, expiration, and closure

Configuring the Webhook

You can start using webhooks with your VGS integration in just three steps:

  1. Create a webhook endpoint on your server: Go to the Administration section in the left side navigation > Organization Settings > Notifications dashboard page, click Add Notifications on the right to reveal the form.

  2. Add endpoint in the VGS Dashboard: You can enter any valid and existing URL as the destination for events. After you have added an endpoint, you’ll be able to add/select individual events.

  3. Complete your integration by adding events: Pick events from the dropdown list, and they will immediately appear in the Complete your integration by adding Events List. Once an event is added to the list, you can set up resources (vaults, users) associated with it. If none is selected, notifications will be triggered for all of them.

To see the detailed walkthrough, visit our Notifications Platform Insights page, which includes screenshots of the setup process.

Testing the Webhook

To make sure you’re receiving notifications correctly, you should first do a test run:

  1. Visit Mockbin and create a default bin. It will allow you to create a webhook URL and send data to it to see how it's recognized.

  2. Create a new webhook integration on the VGS Dashboard (by going to Organization Settings > Notifications) and use the URL Mockbin generated for you.

  3. Add events you want to track. For instance, route.created or route.updated

  4. Next, to check that the webhook works, go to the routes page to create a new route or update the existing ones.

  5. If everything was set up correctly, you should see something like this on the bin history page:

Payload example from webhook:

{
    "description": "Route created",
    "details": {
        "environment": "sandbox",
        "route_id": "34aaf48b-ed8c-4f74-87a0-1bad070c3ad0",
        "route_name": "dark-cyan-heart"
    },
    "event": "route.created",
    "fingerprint": "eb00a8b312ab99bef1adfa5c3cf4ade85bc724e3a03c6c141fbe09ff66c13ea5",
    "grouping": "every_single",
    "id": "480edfe6-640b-4bb7-b24b-eb86bf05281c",
    "integration_id": "INyJktyidrJp5ZjuLdSw1W6",
    "occurrence": 1,
    "org_id": "ACxxxxxxxxxxxxxxxxxxxxxx",
    "producer": {
        "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:94.0) Gecko/20100101 Firefox/94.0",
        "user_email": "john.doe@cool.org"
    },
    "scope": "vault",
    "summary": "Route \"dark-cyan-heart\" has been created by john.doe@cool.org within vault tntxxxxxxxx in sandbox",
    "tenant": "tntxxxxxxxx",
    "timestamp": "2021-12-10T20:40:39.777Z"
}

At this point, you’re good to go! Now you can start sending data to a real endpoint.

Managing Webhooks

Existing webhook endpoints can be updated or deleted in the Dashboard’s Notifications section. You also have the option of disabling a webhook endpoint temporarily. VGS does not retry any generated notifications while the endpoint has been disabled. For every webhook integration, a unique secret is being generated that’s used to verify requests on the client-side.

What’s Next for VGS Notifications?

Currently, we only support the webhook delivery method, and there is a general limit of 3 integrations per organization. We’ll be adding more types of notification events to better support and serve your needs and delivery via email, Slack, PagerDuty, etc. Stay tuned!

To get started now, check out these quick setup instructions in the documentation.

To request new events and delivery methods, please email us at product@verygoodsecurity.com. We look forward to hearing about your interest in this feature as well as your feedback.

Ulyana Falach Ulyana Falach

Product Lead

Share

You Might also be interested in...

If you're a developer, or just a sane person, audits suck. We integrated Control and Github to make them better.

Setting up Github to Make SOC 2 & ISO 27001 Suck Less

Stefan Slattery September 24, 2021

vas-access-logs

How to Make the Most of VGS Access Logs

Yura Shafranyuk September 11, 2018

Gain Deeper Insights with VGS Observability

Gain Deeper Insights with VGS Observability

Ulyana Falach September 10, 2021