Skip to main content
NEW: RSAC 2026 NHI Field Report. How Non-Human Identity became cybersecurity's central axis
Back to Integrations
Alarm Channel

Webhook Alarm Channel

POST JSON payloads to any HTTPS endpoint. Works with PagerDuty, Opsgenie, Discord, and custom SOAR.

Key Features

  • Custom HTTPS endpoint with optional HMAC signing
  • Structured JSON payload (severity, source, secret type, location)
  • Configurable retries and dead-letter handling
  • Compatible with PagerDuty, Opsgenie, Discord, Microsoft Teams webhooks

Requirements

  • 1HTTPS endpoint URL
  • 2Optional: shared secret for HMAC signing
  • 3Cremit Argus account
Setup Time5 min

Step-by-step setup guide

The exact flow you follow inside the dashboard.

Overview

The webhook alarm channel delivers Argus detection events to any HTTPS endpoint as signed JSON payloads. Use it to route alerts into PagerDuty, Opsgenie, Discord, Microsoft Teams, or an in-house SOAR pipeline.

Prerequisites

  • An HTTPS endpoint that accepts POST requests
  • Optional: a shared secret for HMAC-SHA256 signature verification
  • A Cremit Argus account

Step-by-Step Setup

Step 1: Open Add Alarm Channel in Argus

  • Argus > Alarm > Add Alarm Channel
  • Select the Webhook tab

Step 2: Configure the channel

  • Name: give the channel a descriptive label (for example, '#security-alerts via Opsgenie')
  • Description: optional note about the receiving team
  • Endpoint URL: paste your HTTPS endpoint
  • Signing secret: optionally provide a secret; Argus will sign each request with HMAC-SHA256 over the raw body

Step 3: Set payload format and routing

Argus ships a canonical JSON schema but also offers preset transformations for common targets.

  • Default: Argus canonical schema (severity, source, secret type, location, rotation hints)
  • Preset: Slack-compatible Block Kit, Microsoft Teams card, Discord embed, PagerDuty Events API v2
  • Optional filters: send only critical severity, or only specific sources

Step 4: Test and create

  • Click Send Test Event; Argus delivers a sample payload to the endpoint
  • Confirm receipt on the downstream side and validate signature if enabled
  • Click Create Channel

Verification

To confirm the integration is configured correctly:

  • The test event returns HTTP 2xx from your endpoint
  • The receiving system displays the test event correctly
  • If signing is enabled, your endpoint validates the HMAC-SHA256 signature
  • Real detections appear at the endpoint within seconds of being raised in Argus

Troubleshooting

Issue: The endpoint returns 5xx and Argus marks the channel unhealthy.

  • Solution: Argus retries with exponential backoff and moves messages to a dead-letter queue after 5 failures. Fix the receiver and click Retry on the DLQ to replay messages.

Issue: Signature verification fails on the receiver.

  • Solution: Sign over the raw request body (not a parsed form), use HMAC-SHA256, hex encoding. The signature is sent in the X-Cremit-Signature header.

Key Benefits

  • Works with any HTTPS endpoint; no vendor lock-in
  • Preset transformations cover the common downstream targets out of the box
  • Optional HMAC signing so receivers can trust the source
  • DLQ and retry semantics so transient outages do not lose detections

Other integrations in this category

Slack

Send detection alerts to a Slack channel via OAuth-installed Argus app.

Learn more

Telegram

Deliver alerts to a Telegram channel or group via bot token.

Learn more

Get started now

Set up the Webhook integration in minutes and start improving your security today.