Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.clarion.cantina.xyz/llms.txt

Use this file to discover all available pages before exploring further.

This guide walks you through setting up a Clarion Generic Webhook monitor — a flexible endpoint that accepts JSON events from any service that can make an HTTP POST request. Use it to bring custom alerts, deploy events, CI failures, or any JSON payload into Clarion.
Estimated time: 5 minutes. You will need a Clarion workspace and the ability to configure outbound webhooks in the source service.

Prerequisites

  • A Clarion workspace
  • A service that can send HTTP POST requests with a JSON body (CI systems, bespoke scripts, SaaS tools with webhook outputs, Slack-style senders, etc.)

Step 1 — Create a Generic Webhook monitor

  1. In Clarion, go to Settings > Integrations
  2. Find Webhook and click Add Monitor
  3. Give the monitor a name — it is prefixed onto alert titles, so different monitors are easy to tell apart
  4. Pick an authentication method (see the next section)
  5. Pick a default severity for alerts created by the monitor
  6. Click Create
Clarion generates a webhook URL and, depending on the auth method, a signing secret or bearer token. Copy them right away.
Copy any generated secret immediately — it is only displayed once. You can rotate it later from the monitor’s Configure page, but you cannot view the current value.

Step 2 — Choose an authentication method

ModeHow requests are authenticatedWhen to use
HMAC-SHA256 signatureSender signs the raw request body with the shared secret and sends the hex digest in X-Webhook-Signature (also accepts X-Hub-Signature-256 with the sha256= prefix)Production senders that can compute HMAC
Bearer tokenSender includes Authorization: Bearer <token>Services with a simple token field in their webhook config
No authenticationAny request is acceptedTrusted internal networks only
“No authentication” accepts any POST. Only use it for traffic that is already restricted by a private network or VPN.
The authentication method is fixed at creation. To switch, create a new monitor.

Step 3 — Send events from your service

Point the source service at the webhook URL Clarion gave you. Use POST with a JSON object body, up to 100 KB.

Minimal example

curl -X POST "https://<your-clarion-host>/api/webhooks/generic-webhook/<monitor-id>" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer <bearer-token>" \
  -d '{"type": "deploy.failed", "message": "Production deploy failed", "severity": "high"}'

What goes in the payload

Any valid JSON object is accepted. Clarion looks at the payload’s type, event, eventType, or event_type field (in that order) to derive an event type — used for matching filters and included in the alert title. If none of those fields is present, the event is treated as generic. Fields used by the default alert template:
FieldHow it’s used
type / event / eventType / event_typeEvent type — filter matching and alert title
messageIncluded as the body of the alert description
severityShown under “Reported severity” in the description
sourceShown under “Source” in the description
All other fields are attached to the alert for reference — no field is dropped.

Optional headers

HeaderPurpose
X-Webhook-Signature or X-Hub-Signature-256HMAC-SHA256 hex digest of the body (required when the monitor uses HMAC auth)
Authorization: Bearer <token>Required when the monitor uses Bearer auth
X-Idempotency-Key or X-Request-IdIf present, retries of the same value are treated as duplicates and will not create a second alert

The default “All webhook events” filter

When you create the monitor, Clarion adds an All webhook events filter that creates an alert for every incoming event with the default severity you chose. From the monitor’s Configure page you can:
  • Change the default severity — it applies to the default filter immediately
  • Disable the default filter if you only want alerts for specific events
  • Add more filters that match by event type, payload fields, or conditions (e.g. only alert when severity = critical)
Each alert’s title includes the monitor name and the time the event arrived; the description surfaces common payload fields (message, severity, source) alongside the event type.

Using as a Slack replacement

Many services offer a “Slack incoming webhook URL” field for sending notifications. Because the Generic Webhook accepts arbitrary JSON, you can drop the Clarion webhook URL into those fields instead — your notifications become Clarion alerts that get triaged by AI agents. To set this up:
  1. Create a Generic Webhook monitor with No authentication (most Slack-style senders don’t sign requests) or Bearer token if the source service lets you add an Authorization header
  2. Copy the webhook URL from the monitor
  3. In the source service, paste the Clarion webhook URL wherever it asks for a Slack webhook URL
  4. Send a test notification — it will appear as an alert in Clarion
Slack-compatible senders usually put the notification body in a text field, which isn’t one of the event-type fields Clarion looks at — so those events are treated as generic and the default All webhook events filter still catches them.For nicer alert titles, edit the default filter’s title template to reference the fields your sender actually uses (for example {{text}} for Slack-style payloads).

What happens next

Once configured, Clarion will automatically:
  • Accept JSON events at the monitor’s webhook URL
  • Apply the default All webhook events filter (and any custom filters you add) to create alerts
  • Triage incoming alerts using AI agents and surface actionable insights