Get your errors into your monitoring apps, in realtime!
Whenever an error occurs, Errorception can make an HTTP POST to any URL you choose, with the error data in the HTTP POST payload. You can specify this URL in your Settings > Service Hooks > WebHooks. You can specify if the URL should be called every time an error occurs, or only the first time.
You will need to have a publicly accessible web server running at the URL you've specified in your settings. Errors will be posted to your server as they occur, in near-real-time. The Content-Type
of the POST will be application/json
, and will contain a JSON-encoded POST body similar to the following.
{
"isInline": true,
"message": "\"_WidgetManager\" is undefined",
"userAgent": "Mozilla/5.0 (Linux; U; Android 4.1.2; en-us; GT-I9100G Build/JZO54K) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30",
"when": "after",
"scriptPath": null,
"page": "http://blog.rakeshpai.me/2007/02/ies-unknown-runtime-error-when-using.html",
"date": "2012-11-12T15:31:02.576Z",
"isFirstOccurrence": true,
"webUrl": "https://errorception.com/projects/4e4b1652f384ef4d2d000002/errors/4ecc86a0fc68e61a1a06fdfc",
"apiUrl": "https://api.errorception.com/projects/4e4b1652f384ef4d2d000002/errors/4ecc86a0fc68e61a1a06fdfc"
}
Most of the fields in the JSON above are self-explanatory. If isInline
is true, scriptPath
will be null
. isFirstOccurrence
indicates if the error has occurred for the very first time. webUrl
is a link to the error, and apiUrl
can be used to fetch details about the error using the HTTP API.
Since the WebHook URL you've created will likely be open to the Internet, anyone will be able to make hits to it. To ensure that you only process POSTs from Errorception, you can perform a little check to ensure that you aren't being tricked.
Whenever you create a WebHook, Errorception creates a secret key for you, which you can see in the settings page itself. Do not share this secret key with anyone!
When Errorception makes a POST to your WebHook URL, it sends a X-Signature
HTTP header. You can then perform the following computation:
sha1(yourSecret + error.message + error.page);
error.message
and error.page
are the strings from the POST you'll have received, and sha1
above is assumed to be a function that generates a sha1 hash. The result of this computation should be equal to the value of the X-Signature
header. Since the secret is only known to you, no one else will be able to generate a matching hash.