Sophos Webhook Event
Webhooks are one of the ways that Sophos Linux Sensor (SLS) can send alerts to other applications. Send Sophos Cloud Optix alerts to trigger responses, such as remediation functions, in your cloud environments. For more information, visit the Sophos documentation.
Sample Event
{
  "eventType": "ALERT",
  "payloadData": {
    "accountId": "44412345678075",
    "alertId": "A-000001",
    "score": 80,
    "alertSummary": "Ensure S3 buckets do not allow public read/list permission",
    "alertType": "Policy",
    "lastSeen": "Nov 2, 2020 3:56:18 PM",
    "provider": "AWS",
    "alertDetails": "demo-bucket-1\ndemo-bucket-2",
    "policyLabel": "FEDRAMP-HIGH,FEDRAMP-LOW,FEDRAMP-MODERATE,FEDRAMP/NIST800-53-LOW,FFIEC,GDPR,ISO 27001,PCI,SOC2,SOC2-TSP,Sophos",
    "ruleNumber": "AR-251",
    "affectedResources": [
      {
        "resourceInfo": "demo-bucket-1",
        "state": "OPEN"
      },
      {
        "resourceInfo": "demo-bucket-2",
        "state": "OPEN"
      }
    ]
  }
}
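
The following Python example is added here and is not Sophos code. It treats the webhook body as untrusted input, validates the fields shown in the sample event, and returns the resources still marked OPEN so a remediation function can act only on those. The name parse_alert, the required-field set and the lastSeen format string are assumptions inferred from the sample event.

```python
import json
from datetime import datetime

# Constructed sample based on the page's sample event (some fields omitted,
# policyLabel shortened).
SAMPLE_EVENT = '''
{"eventType": "ALERT", "payloadData": {
  "accountId": "44412345678075", "alertId": "A-000001", "score": 80,
  "alertSummary": "Ensure S3 buckets do not allow public read/list permission",
  "lastSeen": "Nov 2, 2020 3:56:18 PM", "provider": "AWS",
  "policyLabel": "GDPR,ISO 27001,PCI", "ruleNumber": "AR-251",
  "affectedResources": [
    {"resourceInfo": "demo-bucket-1", "state": "OPEN"},
    {"resourceInfo": "demo-bucket-2", "state": "OPEN"}]}}
'''

# Assumed required fields and types, inferred from the sample event.
REQUIRED = {"accountId": str, "alertId": str, "score": int, "provider": str,
            "ruleNumber": str, "lastSeen": str, "affectedResources": list}

def parse_alert(raw):
    """Validate an untrusted webhook body and return a normalized alert dict."""
    event = json.loads(raw)
    if not isinstance(event, dict) or event.get("eventType") != "ALERT":
        raise ValueError("not an ALERT event")
    data = event.get("payloadData")
    if not isinstance(data, dict):
        raise ValueError("payloadData missing or not an object")
    for key, typ in REQUIRED.items():
        # bool is a subclass of int, so reject it explicitly
        if not isinstance(data.get(key), typ) or isinstance(data.get(key), bool):
            raise ValueError(f"field {key!r} missing or wrong type")
    open_resources = []
    for res in data["affectedResources"]:
        if not (isinstance(res, dict) and isinstance(res.get("resourceInfo"), str)):
            raise ValueError("malformed affectedResources entry")
        if res.get("state") == "OPEN":  # skip anything not explicitly open
            open_resources.append(res["resourceInfo"])
    labels = data.get("policyLabel")
    labels = labels.split(",") if isinstance(labels, str) else []
    return {
        "alert_id": data["alertId"],
        "account_id": data["accountId"],
        "provider": data["provider"],
        "rule": data["ruleNumber"],
        "score": data["score"],
        # Format inferred from the sample; no timezone is given, so this is naive.
        "last_seen": datetime.strptime(data["lastSeen"], "%b %d, %Y %I:%M:%S %p"),
        "labels": [l.strip() for l in labels if l.strip()],
        "open_resources": open_resources,
    }
```

Calling parse_alert(SAMPLE_EVENT) returns both demo buckets in open_resources; a body with a different eventType or a missing field raises ValueError instead of reaching the remediation step.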