JSON, vRealize Log Insight, Webhook

Quick Tip – Programmatically Update vRealize Log Insight Webhook Token

The Webhook feature in vRealize Log Insight is a great way to execute automation tasks, push elements in a RabbitMQ message queue or start any other REST operation.

Many endpoints providing such REST methods require a token-based authentication, like the well-known Bearer Token. vRealize Automation is one example of such endpoints.

It is pretty easy to specify that kind of authentication in vRealize Loginsight Webhook, the only thing you need to do is to add the Authorization header and set its value to Bearer xyz... .

Figure 01: Authorization header in vRLI webhook.

The problem with such tokens is their expiration. Usually, such tokens are valid only for a certain time period and need to be refreshed.

How to get a new token from vRealize Automation is not the subject of this post, we assume we have a new token, let’s say it is abcd1234. Now we need to update that value in vRLI.

We use the vRealize Log Insight REST API to update the Webhook configuration which contains the headers.

Before we can do that, we need the Bearer Token for the vRealize Log Insight REST API. This is the curl command to retrieve the token:

curl --location --request POST 'https://$VRLI-FQDN/api/v2/sessions' --header 'Accept-Encoding: application/json' --header 'Content-Type: application/json' --data-raw '{ "username": "admin", "password": "secret", "provider": "Local"}'

The response contains the token we use for any other subsequent REST API call (I have changed the token for better visibility):

{
    "userId": "2338ddb2-xxx-yyy",
    "sessionId": "123456789assdfg",
    "ttl": 1800
}

Now we have everything we need to update the Webhook configuration to include a new vRealize Automation token, abcd1234. This is a two-step process.

First, we need the ID of our Webhook. This is the REST call to retrieve all webhooks:

curl --location --request GET 'https://$VRLI-FQDN/api/v2/notification/webhook' \
--header 'Accept-Encoding: application/json' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer 123456789assdfg' \

From the (truncated) response we extract the ID of the Webhook we would like to modify. Please be aware that the output JSON will contain separate sections for every Webhook in your vRealize Log Insight:

{ "id": "96211daa-4391-42bd-b972-52689b7eb540", "URLs": [ "https://$VRLI-FQDN/codestream/api/pipelines/db1259ea-e4ea-4a91-89fc-70a3b5a2004b/executions" ], "destinationApp": "custom", "contentType": "JSON",

Second, we can now use a PUT REST call to update the webhook with the new Bearer Token for vRealize Automation.

curl --location --request PUT 'https://$VRLI-FQDN/api/v2/notification/webhook/432be7da-9876-4c9f-a11a-bb1fe131b2c4'--header 'Accept-Encoding: application/json' --header 'Content-Type: application/json' --header 'Authorization: Bearer 123456789assdfg' --data-raw '{ $BODY_FROM_PREVIOUS_RESPONSE_FOR_THE_CORRESPONDING_WEBHOOK_ID }'

The REST body is basically the content corresponding Webkook ID of the JSON output we retrieved in the Step 1 response. We just need to replace the token here:

{ "id": "432be7da-9876-4c9f-a11a-bb1fe131b2c4", "URLs": [ "https://{ "id": "96211daa-4391-42bd-b972-52689b7eb540", "URLs": [ "https://$VRLI-FQDN/codestream/api/pipelines/db1259ea-e4ea-4a91-89fc-70a3b5a2004b/executions" ], "destinationApp": "custom", "contentType": "JSON",/codestream/api/pipelines/b12c7cbd-6d83-4bef-8b31-7bb653ee01aa/executions" ], "destinationApp": "custom", "contentType": "JSON", "payload": "{\n \"comments\": \"Starting pipeline using REST - from vRLI\",\n \"input\": {\n \"messages\": \"${messages}\",\n \"TriggeredAt\": \"${TriggeredAt}\",\n \"my_systemID\": \"${ vmw_vr_ops_id}\",\n \"SourceInfo\": \"${SourceInfo}\",\n \"HitOperator\": \"${HitOperator}\",\n \"Info\": \"${Info}\"\n}\n}", "name": "tkopton-CS-Pipeline-Test", "headers": "{\"Content-Type\":\"application/json\",\"Action\":\"POST\",\"Authorization-User\":\"undefined\",\"Authorization-Password\":\"undefined\",\"Authorization\":\"Bearer abcd1234\"}", "acceptCert": false, "creatorEmail": "xxxxxxx"}

Replacing the token in the vRealize Log Insight is that simple.

Stay safe.

Thomas – https://twitter.com/ThomasKopton

Leave a Reply

Your email address will not be published. Required fields are marked *