Webhook Logging

Webhooks log information is stored in different locations, depending on the information captured.

• Cherwell REST API log:

  Captures validation information from incoming requests. This includes authentication information, provider type, and Amazon Simple Notification Services (SNS) subscription confirmation.

  For example:

  • Incoming requests that exceed the 100,000 kb size limit are rejected and logged.
  • If an Amazon SNS signature is missing or invalid, requests are rejected and logged.
  • A warning is logged on initial requests from Amazon SNS because they are initially sent as unauthorized. The Cherwell REST API sends a 401 response and sets the header to basic authentication. Amazon then resends the message with authentication information.
  • If a webhook uses the provider type of Amazon SNS and the request is not of that type, the request is rejected and an error is logged.

• System Event Processing Service log:

  Captures processing information for requests after they are validated and sent to the queue.

  For example:

  • If the System Event Processing Service is paused, requests are not queued and a 503 error is logged.
  • If the System Event Processing Service is enabled but a webhook endpoint is disabled, requests are not queued and a 404 error is logged.
  • Once the System Event Processing Service is disabled, requests are queued and are processed when the service is enabled. No logging occurs in this case.