This FAQ provides general information about webhooks and events on HPE GreenLake cloud. See the webhooks and events documentation or contact HPE support for detailed guidance and specific queries.
The FAQ contains the following sections:
- General overview
- Setting up webhooks
- Security features
- Event delivery and monitoring
- Event subscriptions
- Operational states
- Compliance and governance
- Real-world use cases
- Limitations and future enhancements
- Documentation
Webhooks are automated HTTP requests that send real-time notifications from the HPE GreenLake cloud to a pre-configured client's external URL when specific events occur.
Events are records that HPE GreenLake creates when a resource has changed (like device additions). The records contain metadata and data about the change in the resource, and the events are sent by HPE GreenLake to the webhook URL. Events enable real-time updates and integrations.
Events can include actions like creating an audit log or expiring a subscription. Check the Event catalog for the current offering.
Webhooks are event-driven and automatically push data to external webhook URLs when events occur. Whereas APIs are request-driven and require users to fetch data manually or periodically.
To enable real-time integrations, automate workflows, and provide instant notifications about platform events and data delivery without request.
An event subscription defines the type of events a webhook listens for, such as resource creation, updates, or deletions.
Go to the platform’s Manage Workspace section, navigate to Automations > Webhooks, and fill out the required details, including the webhook URL and secret key. Read more about registering a webhook.
Yes, you can use the Test option from the Actions menu in the webhook’s settings to ensure proper configuration. Read more about testing a webhook.
You can create up to five webhooks per workspace.
Each webhook can have up to five event subscriptions.
Yes, different webhooks can subscribe to the same event.
Webhooks use the secret key and HMAC (hash-based message authentication code) SHA-256 encryption algorithm for verifying the authenticity of the notifications (webhook payload).
The webhook secret is a password used to authenticate communications between HPE GreenLake and your server. It generates an HMAC signature using the SHA-256 hashing algorithm to verify message authenticity and ensure the event hasn’t been tampered with. This secret acts as a shared key between the events infrastructure and the listener, securing webhook payloads.
Yes, you can rotate or replace the webhook secret in the settings.
The platform retries delivery up to 20 times. On the first failure, the webhook’s state changes to Warning. If all 20 retries fail, the webhook’s state transitions to Critical, requiring manual intervention.
This number may change in the future.
Yes, the platform provides logs of all webhook activities, including failures and errors. These logs can be accessed in two locations:
- Manage Workspace > Audit Logs
- The Webhook details page
To verify your webhook, navigate to its details page. Under the Actions drop-down, you will find a Test option that allows you to send a sample notification to ensure that the webhook is functioning correctly.
To enhance security, follow these best practices:
- Rotate your webhook secret periodically, for example, every 6–12 months or immediately if you suspect it has been compromised.
- Restrict access by allowing only specific IP addresses or domains to send requests to your webhook endpoint.
- Implement rate limiting to control request load and prevent abuse.
- Validate HMAC signatures to verify the authenticity and integrity of incoming payloads.
The system queues events for delivery and batches them if necessary to manage high volumes efficiently.
You can monitor webhook health through the platform’s dashboard, which shows states like "Active," "Warning," or "Critical."
The system retries failed webhook notifications up to 20 times over a span of 12 hours. The retries are spread out at progressively increasing intervals to account for transient issues. If all retries fail, the webhook’s state transitions to Critical.
Undelivered events (after 20 tries) are logged, and the event is dropped.
This number may change in future.
Events include metadata about the occurrence such as type of event (created, updated, or deleted), time of occurrence, and detailed data about the event.
Before subscribing to an event, you need to have registered a webhook.
- Go to the Event catalog.
- From the Service column, select a service. You are brought to the event catalog of that service.
- On the navigation menu, click an event.
- From the event reference documentation, copy the event type. The event type follows the description of the event.
- Log in to HPE GreenLake and navigate to your registered webhook.
- Click Subscribe to event.
- When prompted, paste the event type in to the Event type field.
- Click Subscribe to event.
For a complete overview of managing webhooks and events through the HPE GreenLake UI, see the events documentation.
Yes, you can change the webhook settings to remove specific subscriptions.
Events are categorized by resource type and action type (for example, device created or workspace updated).
- Pending—Awaiting verification.
- Active—Operational and delivering events.
- Warning—Experiencing intermittent issues.
- Critical—Failing consistently.
- Disabled—The webhook is temporarily paused by the user to stop receiving events. When re-enabled manually, it will resume delivering events if the webhook is in an active state.
Yes, you can disable a webhook at any time.
A "Warning" state occurs if the webhook starts failing intermittently, such as due to temporary connectivity issues.
Simply toggle the webhook back to the Active state in the settings.
Yes, you can delete webhooks, but you will lose all associated configurations and logs.
Yes, an audit log records all webhook-related activities, including creation, modification, and failures.
Logs are retained for a predefined period (typically 30-90 days) as per platform policies.
Yes, audit logs provide detailed records for compliance and governance needs.
Yes, webhook payloads are encrypted during transit using HTTPS.
Not currently, but future updates may support region-specific webhook configurations.
Webhooks can notify admins about critical events like device provisioning, resource failures, or configuration changes.
For example, a webhook can trigger a CI/CD pipeline whenever a new resource is created in HPE GreenLake.
Yes, they are ideal for sending instant alerts to Slack, Microsoft Teams, or other communication tools.
Yes, webhooks are region agnostic and can be used across all regions supported by the HPE GreenLake cloud.
Not in the current release. Future updates may include WebSocket support.
No, payloads follow a predefined structure. Custom payload support may be added in the future.
The maximum size is typically 64Kb. Larger payloads are truncated.
Yes, you can subscribe one webhook to multiple event types as needed within its configuration settings. The limit is five per webhook.
Yes, subscription limits may be expanded based on customer feedback and platform scaling.