# Audit Log Webhook

By creating a webhook for [audit log](https://docs.apono.io/docs/audits-and-reports/audit-log) notifications, you can gather all notifications into a single platform.

***

### Prerequisite

<table><thead><tr><th width="247">Item</th><th>Description</th></tr></thead><tbody><tr><td><strong>Apono Premium</strong></td><td><a href="https://www.apono.io/pricing/">Apono plan</a> providing the most features and dedicated account support</td></tr></tbody></table>

***

### Configure a webhook

Follow these steps to configure a webhook:

1. On the [**Webhooks**](https://app.apono.io/webhooks) page, click **Add Webhook**. The **Add Webhook** page appears.
2. Click **Audit Webhook**.
3. Enter a unique, alphanumeric, user-friendly **Audit Webhook Name** for identifying this webhook.
4. Click the **Status** toggle to **Active**.
5. From the **Type** dropdown menu, select **HTTP Webhook**.
6. From the **Method** dropdown menu, select a REST method.
7. In the **URL** field, enter the URL of the target system that will receive the webhook.

{% hint style="warning" %}
The webhook URL **must adhere** to the following requirements:

* Uses the HTTPS protocol
* Does **not** specify any custom ports
  {% endhint %}

8. In the **Body Template** field, construct a JSON body for the webhook payload. The following is an example webhook payload.

```json
{
    "event_type": "{{event_type}}",
    "event_time": "{{event_time}}",
    "data": {
        "timestamp": "{{data.timestamp}}",
        "action": "{{data.action}}",
        "actor_id": "{{data.actor_id}}",
        "actor_name": "{{data.actor_name}}",
        "actor_type": "{{data.actor_type}}",
        "source": "{{data.source}}",
        "target_id": "{{data.target_id}}",
        "target_type": "{{data.target_type}}",
        "target_name": "{{data.target_name}}",
        "metadata": "{{data.metadata}}",
        "current_target_object": "{{data.current_target_object}}",
        "previous_target_object": "{{data.previous_target_object}}"
    }
}
```

{% hint style="success" %}
Click **View audit event's payload schema** to reveal the base payload schema and available data fields. You can also refer to the [Audit Log Webhook Payload Schema Reference](https://docs.apono.io/docs/webhook-integrations/webhook-payload-references/audit-log-webhook-payload-schema-reference) to read the descriptions of each data field.
{% endhint %}

9. Enter the authentication information required by the target system.

{% tabs %}
{% tab title="Bearer Token" %}
Follow this step to add Bearer Token authentication:

1. Under **Headers**, use the **Key** and **Value** fields to set the access token.

| Key             | Value                  |
| --------------- | ---------------------- |
| *Authorization* | *Bearer \<API\_TOKEN>* |
| {% endtab %}    |                        |

{% tab title="OAuth" %}
Follow these steps to add OAuth authentication:

1. From the **Authentication Type** dropdown menu, select **OAuth**. The OAuth settings appear.
2. Define the OAuth settings.

<table><thead><tr><th width="204">Setting</th><th>Description</th></tr></thead><tbody><tr><td><strong>Client ID</strong></td><td>Unique identifier assigned by the authorization server</td></tr><tr><td><strong>Client Secret</strong></td><td>Secret key issued by the authorization server</td></tr><tr><td><strong>Token Endpoint URL</strong></td><td>URL where the authorization code or refresh token is exchanged for an access token</td></tr><tr><td><strong>Scopes</strong></td><td>(Optional) Set of permissions requested to access specific resources or APIs</td></tr></tbody></table>
{% endtab %}

{% tab title="Custom" %}
Follow these steps to add custom authentication:

1. Under **Headers**, use the **Key** and **Value** fields to set the credential information.
2. If your tool or service has several values, enter each key-value pair in a separate row.

{% hint style="info" %}
The following table uses [Datadog](https://docs.apono.io/docs/webhook-integrations/request-webhook/logs-and-siems/datadog) as an example.
{% endhint %}

| Key                  | Value        |
| -------------------- | ------------ |
| *DD-API-KEY*         | *\<API KEY>* |
| *DD-APPLICATION-KEY* | *\<KEY ID>*  |
| {% endtab %}         |              |
| {% endtabs %}        |              |

10. (Optional) In the **Timeout in seconds** field, enter the duration in seconds to wait before marking the request as failed.
11. (Optional) Define **Response Validators** to verify that the response from the webhook meets specified criteria:
    1. Click **+ Add**. A row of settings appears.
    2. Starting with *$.data.*, enter the **Json Path** of the JSON parameter.
    3. In the **Expected Values** field, enter a value and press the Enter key on your keyboard.
    4. Repeat step **c** to add several expected values.
    5. Repeat steps **a-d** to add multiple response validators.
12. Click **Test** to generate a test event to trigger your webhook. A **Test successful** or **Test failed** response status will appear at the bottom of the page. A successful test will send mock data to the target system.

{% hint style="success" %}
For more information about the test, click **View Invocation Data**. A panel opens revealing the request, response, and other relevant details.

Should your test fail, view these tips to [troubleshoot your webhook](https://docs.apono.io/docs/webhook-integrations/troubleshoot-a-webhook).
{% endhint %}

13. Click **Save Webhook**.

The new webhook appears in the **Webhooks** table. Active webhooks are preceded by a green dot. Inactive webhooks are preceded by a white dot.

Apono audit log notifications will be sent to the target system each time an [audit log](https://docs.apono.io/docs/audits-and-reports/audit-log) event occurs.