Xray webhooks are a powerful tool for setting up custom automation to be triggered when vulnerabilities are detected. You can create such webhooks through the JFrog platform UI or API. Once created, the webhooks can be added to any new or existing Policies as a rule under the Policy Rules List.
Once the webhook is set up, you can build your custom automation on the data Xray sends to it. That data is formatted as follows:
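Example Header (the `authorization` header carries the Basic credentials set on the webhook; the receiving endpoint should verify it before acting on the body):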
POST e4443264-a334-4ebb-8ba6-2c2a80958ef3 host [WEBHOOK HOST] version HTTP/1.1 user-agent Xray/3.104.8 authorization Basic [KEY] x-xray-version 3.104.8 accept-encoding gzip x-forwarded-for [IP] x-request-start 1727817952.632 x-forwarded-port 443 x-forwarded-proto https
Example Body (`...` marks entries omitted for brevity, so the sample as shown is not strict JSON):
{ "schema_version": "1.1", "alert_id": "66fc68dd0f12d302c68891c1", "created": "2024-10-01T21:25:49.935220997Z", "top_severity": "Critical", "watch_name": "test-watch", "policy_name": "test-policy", "policy_rule": "test-rule", "issues": [ { "vulnerability_id": "XRAY-173753", "severity": "Medium", "type": "security", "provider": "JFrog", "created": "2021-04-25T16:08:43.13Z", "summary": "[Vulnerability Summary]", "description": "[Vulnerability description]", "impacted_artifacts": [ { "name": "pinot-distribution-0.10.0.jar", "display_name": "org.apache.pinot:pinot-distribution:0.10.0", "path": "default/test-repository/org/apache/pinot/pinot-distribution/0.10.0/", "pkg_type": "Maven", "sha256": "1b8289cf21fffacfb70cbb844cd3d8e0610762a599c30378de9eb895329af81a", "sha1": "6a7fb558aaef69668417c081626183cb85d9f681", "depth": 0, "parent_sha": "1b8289cf21fffacfb70cbb844cd3d8e0610762a599c30378de9eb895329af81a", "infected_files": [ { "name": "pom.xml", "path": "META-INF/maven/org.glassfish.jersey.core/jersey-common/", "sha256": "0000000000000000000000005e2da5df327912e725043569c6dc9f4b2f792ef9", "depth": 0, "parent_sha": "1b8289cf21fffacfb70cbb844cd3d8e0610762a599c30378de9eb895329af81a", "display_name": "org.glassfish.jersey.core:jersey-common:2.28", "pkg_type": "Maven", "impact_paths": [ "org.glassfish.jersey.core:jersey-common:2.28", "org.apache.pinot:pinot-distribution:0.10.0" ] } ], "vulnerable_components": [ { "name": "org.glassfish.jersey.core:jersey-common:2.28", "vulnerable_versions": [ "2.28 ≤ Version < 2.34", "3.0.0 ≤ Version < 3.0.2" ], "fixed_versions": [ "2.34", "3.0.2" ] } ] } ], "cve": "CVE-2021-28168", "cwe": [ "CWE-732", ... "CWE-668" ], "cvss_v2": "2.1/CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N", "cvss_v3": "5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "applicability_details": null, "references": { "advisories": [ { "url": "https://lists.apache.org/thread.html/r454f38e85db149869c5a92c993c402260a4f8599bf283f6cfaada972%40%3Cjira.kafka.apache.org%3E" }, ... 
,{ "url": "https://lists.apache.org/thread.html/ra3290fe51b4546fac195724c4187c4cb7fc5809bc596c2f7e97606f4@%3Cjira.kafka.apache.org%3E" } ] } }, ... ] }