DataSunrise Achieves AWS DevOps Competency Status in AWS DevSecOps and Monitoring, Logging, Performance

This website stores cookies to collect information about how you interact with our website. To find out more visit our Privacy Policy.

  • Home
  • Guides
  • How to Send DataSunrise Events to a Microsoft Teams Channel via Incoming Webhook using Subscribers

How to Send DataSunrise Events to a Microsoft Teams Channel via Incoming Webhook using Subscribers

How to Migrate DataSunrise CloudFormation Template from Launch Configuration (LC) to Launch Template (LT) Resource in Auto Scaling Group How to Send DataSunrise Events to a Microsoft Teams Channel via Incoming Webhook using Subscribers How To Offload The Audit Database Data To AWS S3 And Read It Using AWS Athena Service How to Convert Trial or BYOL Configuration of DataSunrise to Hourly Billing Backend DB: PostgreSQL (RDS) or Aurora PostgreSQL How to Troubleshoot “Connection Was Terminated” or “Connection Terminated Unexpectedly” Errors in Applications Using DataSunrise Proxies Exploring DataSunrise’s Performance Under High Traffic Conditions DataSunrise’s Approach to Configuring Penalties for SQL Injection Detection How to Block Specific Hosts in DataSunrise for Enhanced Database Security Troubleshooting AWS Metering and Hourly Billing Issues in DataSunrise on AWS Marketplace Cloud Formation Modification Dynamic Data Masking with DataSunrise: Masking with Lua scripts How to Choose the Database for Audit Storage: A Performance Analysis How to Run pgbench Through DataSunrise Proxy on PostgreSQL 14 with SCRAM Authentication DataSunrise SSO Authentication Based on SAML (Okta) DataSunrise SSO Authentication Based on OpenID (Okta) How to Search for Sensitive Data in Images Hosted on AWS S3 How to Deploy DataSunrise with Terraform Template on Azure How to Integrate DataSunrise with SQL Server Always On Cluster How to Deploy DataSunrise in Microsoft Azure Using Azure Resource Manager How to Perform DataSunrise Static Data Masking for MongoDB How to Configure DB Audit Trailing for MS Azure MySQL How to Configure DB Audit Trailing for MS Azure PostgreSQL How to Configure DataSunrise to Mask Data for Amazon Athena How to Upgrade RHEL OS version of existing DataSunrise servers How to Integrate DataSunrise with AWS Database Activity Streams for Getting Auditing Results for AWS Aurora PostgreSQL How to Set Up SSL Certificates for DataSunrise Database Proxy Generating Reports in DataSunrise How to Hide Schemas From Users in Redshift AWS RDS PostgreSQL Audit Logs in DataSunrise How to Audit Administrative Actions in Your Oracle RDS and EC2 How to Check if DataSunrise Receives Traffic How To Remove a Procedure or a Function From a Database

In today’s fast-paced digital environment, keeping track of database events and security alerts is crucial for maintaining the integrity and security of your data. DataSunrise, a leading database security solution, offers robust mechanisms to monitor and alert various database activities. One effective way to stay informed is by sending these notifications directly to a Microsoft Teams channel using webhooks. This blog post will guide you through the process of configuring DataSunrise to send notifications to a Microsoft Teams channel via an incoming webhook using Subscribers.

DataSunrise Subscribers

DataSunrise Subscribers are a powerful feature that allows you to send notifications about database events to various external systems, including instant messengers, email servers, and monitoring tools. Subscribers can be configured to receive notifications based on specific rules and conditions, ensuring that you are alerted to critical events in real time.

How Subscribers Work

Subscribers in DataSunrise work by defining a set of rules and conditions under which notifications are sent. These rules can be based on various database activities such as user logins, security rule events, and audit logs. Once a rule is triggered, the notification is sent to the configured Subscriber, which can be an external application, email server, or instant messenger.

Types of Subscribers

DataSunrise supports several types of Subscribers, including:

  • Email Subscribers. Send notifications via email.
  • Instant Messenger Subscribers. Send notifications to instant messaging platforms like Slack and Microsoft Teams.
  • External Application Subscribers. Send notifications to external applications using custom scripts or APIs.

In this guide, we will focus on configuring an Instant Messenger Subscriber to send notifications to a Microsoft Teams channel using an incoming webhook.

Steps of Configuration DataSunrise Subscribers

Before configuring DataSunrise, you need to set up a Microsoft Teams channel and enable an incoming webhook. Follow these steps:

  1. Create a Channel in Microsoft Teams:
    • Open Microsoft Teams and navigate to the team where you want to create the channel.
    • Click on the More options (…) next to the team’s name and select Add channel.
    • Enter a name and description for the channel. Click Add.
  2. Enable Incoming Webhook:
    • Navigate to the newly created channel.
    • Click on the More options (…) next to the channel name and select Connectors.
    • Search for Incoming Webhook and click Configure.
    • Enter a name for the webhook and upload an image if desired.
    • Click Create and copy the webhook URL.

For detailed instructions, refer to the Microsoft Teams documentation.

After that, go to DataSunrise and do the following steps.

To edit Server Settings, do the following:

  1. Open the DataSunrise web console and navigate to Configuration -> Subscribers -> Add Server -> Edit Server.
  2. In the Parameters subsection, create a new entry called webhook. Set the Type to External.
  3. In the Command field, enter the path to the batch file that will send notifications.

Windows. Path: C:\Program Files\DataSunrise Database Security Suite\scripts\sendAlertToMSTeams.ba./

Linux. Path: /opt/datasunrise/scripts/sendAlertToMSTeams.sh (ensure the path belongs to datasunrise:datasunrise).

Note: for Linux, need to give execution permission -> chmod +x.

To edit the Subscriber Settings, do the following steps:

  1. In the DataSunrise web console, navigate to Configuration -> Subscribers -> Add Subscriber->Edit Subscriber.
  2. Set the Server Type to External. Set the Gate to the same batch file path used in the server settings.
  3. Add parameters required for your specific use case in the Additional Parameters section.

To configure Notifications, go to the Subscriber section. Under the Notify a Subscriber if the Rule Is Triggered section, add the previously created webhook configuration.

The sendAlertToMSTeams.bat script is used to send the notification to Microsoft Teams using the provided webhook. Below is the content of the script:

Batch for Windows.

@ECHO OFF

    REM CHECK IF A PARAMETER WAS PROVIDED
    IF "%~1"=="" (
        ECHO PLEASE PROVIDE A DESCRIPTION AS A PARAMETER.
        EXIT /B 1
    )
    REM SET THE DESCRIPTION PARAMETER FROM THE COMMAND-LINE ARGUMENT
    SET "DESCRIPTION=%~1"
    REM USE CURL TO SEND THE POST REQUEST WITH THE PROVIDED DESCRIPTION
    CURL -H "CONTENT-TYPE: APPLICATION/JSON" -D "{"TEXT": "%DESCRIPTION%"}" HTTPS://ORGANIZATION.WEBHOOK.OFFICE.COM/... (WEBHOOK URL IS MASKED FOR PRIVACY)

Batch for Linux OS.

#!/bin/bash
# CHECK IF A PARAMETER WAS PROVIDED
if [ -z "$1" ]; then
    echo "Please provide a description as a parameter."
    exit 1
fi
# SET THE DESCRIPTION PARAMETER FROM THE COMMAND-LINE ARGUMENT
DESCRIPTION="$1"
# USE CURL TO SEND THE POST REQUEST WITH THE PROVIDED DESCRIPTION
curl -H "Content-Type: application/json" -d "{\"text\": \"$DESCRIPTION\"}" https://organization.webhook.office.com/... # (WEBHOOK URL IS MASKED FOR PRIVACY)

Script Explanation

  • Check for Parameter. The script checks if a description parameter is provided. If not, it exits with an error message.
  • Send POST Request. The script uses curl to send a POST request to the Microsoft Teams webhook URL with the provided description.
  • Replace Webhook URL. Replace the webhook URL in the script with the one copied from the Microsoft Teams configuration.

Benefits of Using DataSunrise Subscribers

  • Real-Time Notifications. Stay informed about critical database events as they happen.
  • Customizable Rules. Define specific rules and conditions for sending notifications.
  • Integration with External Systems. Easily integrate with various external systems, including instant messengers, email servers, and monitoring tools.

Conclusion

By following these steps, you can configure DataSunrise to send notifications to a Microsoft Teams channel using an incoming webhook. This setup ensures that you receive real-time alerts about critical database events directly in your Microsoft Teams channel, allowing for quick response and action.

DataSunrise Subscribers provide a flexible and powerful way to monitor and alert database activities. By leveraging the dynamic capabilities of Subscribers, you can ensure that your team is always aware of important events, enhancing your overall database security posture.

For more information and to download the latest version of DataSunrise with a trial key, visit our website.

Did this guide help you?

Contact Us