A fresh installation of Malcolm configures an example custom webhook destination named Malcolm API Loopback Webhook that directs the triggered alerts back into the Malcolm API to be reindexed as a session record with
event.dataset set to
alerting. The corresponding monitor Malcolm API Loopback Monitor is disabled by default, as users will likely want to configure the trigger conditions to suit individual needs. These examples are provided to illustrate how triggers and monitors can interact with a custom webhook to process alerts.
./scripts/auth_setup Store administrator username/password for local Malcolm access? (Y/n): n (Re)generate self-signed certificates for HTTPS access (Y/n): n (Re)generate self-signed certificates for a remote log forwarder (Y/n): n Will Malcolm be using an existing remote primary or secondary OpenSearch instance? (y/N): n Store username/password for email alert sender account? (y/N): y Email account username: firstname.lastname@example.org email@example.com password: firstname.lastname@example.org password (again): Email alert sender account variables stored: opensearch.alerting.destination.email.destination_alpha.password, opensearch.alerting.destination.email.destination_alpha.username (Re)generate internal passwords for NetBox (Y/n): n
This action should only be performed while Malcolm is stopped: otherwise the credentials will not be stored correctly.