1. Introduction
  2. Getting started
  3. Navigation menu
  4. Overview
  5. Adding and managing servers
  6. Webhooks
  7. Advanced features
  8. Subscriptions
  9. Support
  10. Troubleshooting
 

Setting Up Webhooks and Updates

Webhooks are the core of ServerSnug's delivery system, enabling passive, real-time push updates from our threat intelligence. We gather data from our monitoring servers and send notifications directly to your configured endpoints when threats match your thresholds &emdash; no polling required.

Understanding Webhooks

A webhook is a URL on your server that listens for HTTP POST requests from us. Each update includes details like the threat IP, level (monitored, suspicious, serious, critical), timestamp, and any context. You can then use this to update blocklists, log events, or trigger alerts.

Understanding Webhooks

Generate or Provide a Webhook URL: In your server management or dashboard settings, enter a secure HTTPS URL (e.g., https://yourserver.com/webhook/serversnug). We recommend using authentication of API keys for security.

Set Threat Thresholds: Choose which levels trigger updates (e.g., only critical for minimal noise). This filters what we send based on our classifications.

Test the Webhook: Use the "Test" button to send a sample payload. Check your server logs for receipt.

Integration Examples:

Node.js: Use Express to handle POST requests:

			
			app.post('/webhook/serversnug', (req, res) => {
			  const threat = req.body; // { ip: '1.2.3.4', level: 'critical', details: '...' }
			  // Update blocklist here
			  res.sendStatus(200);
			});
Python (Flask): 
			
			@app.route('/webhook/serversnug', methods=['POST'])
			def handle_webhook():
				threat = request.json
				# Process threat data
				return '', 200

For Nginx/Apache, route to a script that processes the JSON payload.

Managing Updates

  1. Frequency and Limits: Updates are pushed as threats are detected, up to your plan's daily cap (e.g., 150 for Basic). View stats on the dashboard to track usage.
  2. Payload Structure: Expect JSON with fields like threat_id, ip, level, severity_score, timestamp, and description.
  3. Error Handling: If delivery fails (e.g., 5xx response), we'll retry up to 3 times with exponential backoff. Monitor stats for issues.
  4. Update History: Access a log on the dashboard showing sent updates, including successes, failures, and content previews.

Troubleshooting:
No updates? Check thresholds, webhook status, and subscription limits.

Security:
Always validate payloads and use HTTPS.

For advanced setups, like custom payloads or integrations, see Advanced Features (/help/advanced-features). If needed, Contact Support (/support).

  • Copyright © 2023-2026 Zetesim Limited
  • All rights reserved
Company