Handle Alert via Webhook

sec3 provides a simple webhook for alert notification

Alert Object

WatchTower will send each alert as a JSON object to the configured webhook URL via a POST request.

Alert Object Example

{
    "id": "634cf5d77b42a046f68f5a5d",
    "botId": "634cf5d77b42a046f68f5a5e",
    "botName": "MyToken 500+",
    "projectId": "634cf5d77b42a046f68f5a5a",
    "projectName": "My Token",
    "userId": "634cf5d77b42a046f68f5a5f",
    "username": "John Doe",
    "template": "AbnormalTransferToken",
    "severity": "critical",
    "tx": ["6CfQwX7YwvA2bFRT8wfzZEtVEUbbrjUeMzBa9AbtThioHC6xfrfxSC3nCQWB5Y3BLV9cqadf69n9ApeBYhvwzNF1"],
    "detail": "The smart contract is involved in a transaction transferring 923750.55 Unknown Token. The token mint is 9Mu1Kaxbe2fehdDoeTJ5oD7XFQmEiZxzspEd3TZGkavx",
    "target": "TokenkegQfeZyiNwAJbNbGKPFXCWuBvf9Ss623VQ5DA",
    "args": {"threshold": "500"},
    "isArchived": false,
    "created_at": "2022-12-06T17:10:21.672Z",
    "link": "https://pro.sec3.dev/alert/634cf5d77b42a046f68f5a5d"
}

Sample webhook handler code

package main

import (
	"log"
	"net/http"
	"encoding/json"
	"fmt"
	"time"
)

// Define the sec3 WatchTower secret
// In the actual server, the secret should be put in the environmental variables
const SEC3_WATCHTOWER_SECRET = "your_secret"

type Alert struct {
	ID          string            `json:"id"`
	BotId       string            `json:"botId"`
	UserId      string            `json:"userId"`
	ProjectId   string            `json:"projectId"`
	Username    string            `json:"username"`
	ProjectName string            `json:"projectName"`
	BotName     string            `json:"botName"`
	Template    string            `json:"template"`
	Severity    string            `json:"severity"`
	Tx          []string          `json:"tx"`
	Detail      string            `json:"detail"`
	Targets     []string          `json:"targets"`
	Args        map[string]string `json:"args"`
	IsArchived  bool              `json:"isArchived"`
	CreatedAt   time.Time         `json:"created_at"`
	Link        string            `json:"link"`
}

func sec3WebhookHandler(w http.ResponseWriter, r *http.Request) {
	// Verify the incoming request. If the secret is empty or does not match
	// with the one you set, return 401 status code
	incomingSecret := r.Header.Get("X-Sec3-Watchtower-Secret")
	if incomingSecret == "" || incomingSecret != SEC3_WATCHTOWER_SECRET {
		http.Error(w, "unauthorized", http.StatusUnauthorized)
		return
	}
	
	// Declare a new Alert struct.
	var alert Alert

	// Try to decode the request body into the struct. If there is an error,
	// respond to the client with the error message and a 400 status code.
	err = json.NewDecoder(r.Body).Decode(&alert)
	if err != nil {
		http.Error(w, err.Error(), http.StatusBadRequest)
		return
	}

	// Do something with the alert...
	fmt.Printf("Alert:\n %+v\n", alert)
}

func main() {
	http.HandleFunc("/sec3_webhook", sec3WebhookHandler)
	err := http.ListenAndServe(":8080", nil)
	if err != nil {
		log.Fatal(err)
	}
}

// This example uses express.js framework. See https://expressjs.com
const express = require('express');
const app = express();
const port = 3000;

// Define the sec3 WatchTower secret
// In the actual server, the secret should be put in the environmental variables
const SEC3_WATCHTOWER_SECRET = "your_secret";

// Verify the incoming request. If the secret is empty or does not match
// with the one you set, return 401 status code
app.use((req, res, next) => {
  const incomingSecret = req.header("X-Sec3-Watchtower-Secret");
  if (incomingSecret != SEC3_WATCHTOWER_SECRET) {
    res.sendStatus(401);
    return;
  }
  next();
})

app.use(express.json());

app.post('/sec3_webhook', (req, res) => {
  const alert = req.body;

  // Do something with the alert...
  console.log(alert);
  res.sendStatus(200);
})

app.listen(port, () => {
  console.log(`Example app listening on port ${port}`)
})

PreviousAlert Destinations NextBots

Last updated 3 years ago