Set up Notifications

Set up Notifications

In this section we’ll set up an integration webhook and use it to receive event notification from DryRun Security. There is a dedicated Slack integration and a Generic webhook option. The configuration steps below are identical for the Slack and Generic webhook.

Prerequisite - You'll need to have already created a Webhook URL on the system you wish to integrate and receive messages from DryRun Security. The messages sent are JSON formatted POST requests

  1. Log in the the DryRun Security portal at https://app.dryrun.security (opens in a new tab)
  2. Navigate to the Settings section
  3. Click Integrations

  1. Click Details on the integration card you want to configure

  1. You'll see the configuration options for the Integration you selected

From here, you can...

Configure a Global Integration

A global integration will work across the Repositories in your organization with no additional configuration.

  1. In the Webhook URL box, add the URL for the target Webhook to receive notifications

  1. Choose a Risk Level

Note: As DryRun Security runs, it will assign a Risk Level to changes in the code base. Notifications will be sent on changes that match the Risk Level you've selected.

  1. Leave Enabled selected

  2. Leave Global checked

  3. Click Save

  4. Once you click Save the Test button will be enabled. Clicking the Test button will send a message to the Webhook URL to validate the setup is working.

Done! You've configured a global integration that will receive notifications as changes are made that match the configured Risk Level.

Configure a Targeted Integration

A targeted, non-global integration can be used to recieve notifications about one or more Repositories in a specific channel. First, create the non-global integration. Then, reference the integration name in a Configuration (in Settings > Configurations).

  1. In the Webhook URL box, add the URL for the target Webhook to receive notifications

  1. Choose a Risk Level

Note: As DryRun Security runs, it will assign a Risk Level to changes in the code base. Notifications will be sent on changes that match the Risk Level you've selected.

  1. Leave Enabled selected

  2. Uncheck the Global option

Note: You'll notice a Name box has been added to the form. This box contains the name of the integration that can be used in your configuration files.

  1. Click Save

  2. Once you click Save the Test button will be enabled. Clicking the Test button will send a message to the Webhook URL to validate the setup is working.

Done! You've configured a targeted integration that can now be added to either the Default Configuration or a Custom Configuration.

Note: You'll need to add your webhook to a Configuration before notifications will be sent.

Configure a Notification

Now, the integration can be added to a Configuration.

  1. Navigate to Settings > Configurations

  2. Select the Configuration you want to edit

  1. Toggle on Notifications Enabled

  2. Select the desired Webhook name(s) from the Integrations drop down

  3. Click Save at the bottom of the page

Done! Now changes in the Repository that match the integration's Risk Level will trigger a notification.

Example JSON Body For Generic Webhooks

Example Slack Message

Configure Repositories in the DashboardConfigure a GitHub Repository with dryrunsecurity.yaml