# Custom Events Webhook

The **Custom Events Webhook** lets you send events from data sources that don't have a dedicated Radiant connector into the platform using a standard HTTP POST request. Events must be valid JSON and are available for searching in Log Manager under the connector type `custom_events_webhook`. Where a dedicated connector exists for your data source, use it instead - dedicated connectors provide richer context and full AI triage processing.

{% hint style="info" %}
**Note:** Events received through the **Custom Events Webhook** bypass AI alert triage processing. Successfully parsed events appear in the Log Manager parsed index. Events that fail parsing appear in the unparsed index.
{% endhint %}

### Prerequisites

Before you configure the Custom Events Webhook, confirm you have:

* [ ] Administrator access to Radiant
* [ ] Access to the data source or system that will send events to the webhook endpoint
* [ ] The ability to make outbound HTTP POST requests from that source to the Radiant API endpoint

### Add the connector in Radiant

1. Log in to [Radiant Security](https://app.radiantsecurity.ai/).
2. From the navigation menu, select **Settings** > **Data Connector** and click **+ Add Connector**.
3. Select **Custom Events Webhook** from the list and click **Data Feeds**.
4. Under **Select your data feeds**, select **Custom Events Webhook** and click **Credentials**.
5. In the **Credential Name** field, enter an identifiable name for this credential (for example, `Custom Events Webhook Credentials`).
6. Under **Required Credentials**, enter a value in the **Connector tag** field. This can be any string. Radiant uses this value as salt when generating the authentication token for your connector.
7. Click **Add Connector**.
8. Open the newly created connector. Under **Vendor Configuration**, copy and save the `Webhook URL` and `Token` values. You will need both in the next section.
9. Click **Add Connector** to save your changes.

### Send events to the webhook

Once the connector is configured, your data source sends events to the Radiant webhook endpoint using the following specification.

{% hint style="warning" %}
**Important Note:** Treat the `Token` value as a secret. Anyone with access to this token can post events to your connector. Do not expose it in client-side code or shared logs.
{% endhint %}

### Request details

<table><thead><tr><th width="181.45416259765625">Component</th><th>Value</th></tr></thead><tbody><tr><td>Method</td><td><code>POST</code></td></tr><tr><td>URL</td><td><code>https://api.app.blastradius.ai/connectors/custom_events_webhook/webhook</code> </td></tr><tr><td>Authorization</td><td>None</td></tr><tr><td>Header</td><td>The token copied from the <strong>Data Connectors</strong> configuration screen in step 8 of the <a href="#add-the-connector-in-radiant">Add the connector in Radiant</a> section</td></tr><tr><td>Request body</td><td><p>The request body must be valid <code>JSON</code>. Nested objects and lists are supported. </p><p></p><ul><li><code>timestamp</code> is a required field with the value in epoch seconds (seconds since 1970-01-01 00:00:00 UTC)</li><li>All other fields are optional, and serve as additional key-value pairs describing the event</li><li>Additional fields are allowed that conform to JSON syntax</li></ul></td></tr></tbody></table>

#### Example request body

{% code overflow="wrap" %}

```json
{
  "timestamp": 1773270998,
  "event_name": "Outbound connection to external IP",
  "user_email": "user@example.com",
  "ip_address": "192.168.1.1",
  "port": 12345,
  "bytes": 6789
}
```

{% endcode %}

### Verify ingestion

After sending a test event, confirm the data is flowing into Radiant correctly:

1. In Radiant, navigate to [Log Management](https://app.radiantsecurity.ai/logs).
2. Search for events with connector type custom\_events\_webhook (`rs_connectorType:"custom_events_webhook"`)
3. Confirm your test event appears in the parsed index.

If the event does not appear in the parsed index, check the unparsed index. An event in the unparsed index means the request body was not a valid JSON.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://help.radiantsecurity.ai/radiant-connectors/data-connectors/custom-events-webhook.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
Component	Value
Method	`POST`
URL	`https://api.app.blastradius.ai/connectors/custom_events_webhook/webhook`
Authorization	None
Header	The token copied from the Data Connectors configuration screen in step 8 of the Add the connector in Radiant section
Request body	The request body must be valid `JSON`. Nested objects and lists are supported. `timestamp` is a required field with the value in epoch seconds (seconds since 1970-01-01 00:00:00 UTC) All other fields are optional, and serve as additional key-value pairs describing the event Additional fields are allowed that conform to JSON syntax