Webex LAM
Webex LAMs work in conjunction with the Webex integration to provide bidirectional communication with Webex rooms.
The Webex LAM is a custom REST LAM config and LAMbot that provides a webhook endpoint suitable to be used as the target for a Webex webhook. It expects messages to contain a HTTP header called X-Spark-Signature containing an HMAC-SHA1 signature of the JSON payload calculated by the sender. Authentication relies on a provided secret to calculate the HMAC-SHA1 signature of the received payload and to confirm that it matches the value in the header.
Once up and running, the LAM provides the inbound webhook endpoint that the Webex integration uses to return responses from Webex. The same secret supplied here should be used when configuring the Webex integration.
An additional post-installation step is required to add an Event Workflow to forward the authenticated webhook payloads to the Webex integration for processing.
Before You Begin
Before you start to set up your integration, you need to pick a secret string. This should match the secret that will be uses with the Webex integration.
Configure the Webex LAM
A custom REST LAM config can be found under $MOOGSOFT_HOME/config/webex_lam.conf
. This configured an unauthenticated REST LAM with the fixed mapping required by the Webex integration. The corresponding WebexLam.js
LAMbot validates the received payloads using a secret string supplied by setting the signature value in the config.
To configure the LAM:
Review and update the host, port and ssl setting for your environment. The LAM may also be securely proxied through Nginx. See REST LAM.
To use Webex Webhook HMAC-SHA1 payload signature verification, go to the mapping section of the config and replace the string
WEBHOOK_SECRET
in the following line with the chosen secret string:# Replace 'WEBHOOK_SECRET' in signature with the Webex webhook secret string used by the # Webex integration { name: "signature", rule: "WEBHOOK_SECRET" },
To run the LAM, supply the config to the standard REST LAM, for example:
$MOOGSOFT_HOME/bin/rest_lam --config $MOOGSOFT_HOME/config/webex_lam.conf
Once in place, the Webhook Target URL for new LAM and configured Secret are required when configuring the Webex integration.
Configure the Webex Integration
To enable bidirectional communication between Webex and Moogsoft Onprem, you must set up the integration itself. See Webex.
Add the Event Workflow
After you complete the configuration, you must add an event workflow to forward the webhook payload to the Webex integration. The following will add a suitable workflow using the graze API. Replace the variables $USER, $PASSWORD and $SERVER with the graze username, password, and server address. You should reorder the event workflows to position this workflow first.
curl -X POST -k -v -u $USER:$PASSWORD "https://$SERVER/graze/v1/createWorkflow" -H "Content-Type: application/json; charset=UTF-8" -d' { "first_match_only": null, "sequence": 1, "operations": [ { "duration": 0, "reset": false, "type": "delay" }, { "operation_name": "Populate context", "function_name": "copyToContext", "forwarding_behavior": "stop all workflows", "function_args": { "from": "custom_info.eventDetails", "to": "data" }, "type": "action" }, { "operation_name": "Forward to handler", "function_name": "sendToWorkflow", "forwarding_behavior": "stop all workflows", "function_args": { "workflowName": "Handle Webex Response", "engineName": "Situation Integration" }, "type": "action" }, { "operation_name": "Prevent alert creation", "function_name": "dropEvent", "forwarding_behavior": "stop all workflows", "function_args": {}, "type": "action" } ], "moolet_name": "Event Workflows", "workflow_name": "Webex Webhook Response", "entry_filter": "manager = \"WebexWebhook\"", "sweep_up_filter_time_limit": null, "active": true, "description": "Forward Webex Webhook response for processing", "sweep_up_filter": "" }'