# Generic webhook variables

You can customize your generic webhook response with data from Contrast events such as NEW_VULNERABILITYand SERVER_OFFLINE. Each event contains variables you can call in your payload request. Variables are either for general use or for an application, server or vulnerability.

Variables

Description

General variables

$EventType The event type responsible for triggering the webhook For example: SERVER_OFFLINE $Message

A message summarizing the event that triggered the webhook

$OrganizationId The unique ID Contrast assigns to an organization when it is created $OrganizationName

$Title Always returns “Contrast Security” Application variables $ApplicationChild

Returns true if the application is a child application, false if not

$ApplicationCode A secondary shorthand that appears in the title of an application, and is blank by default For example: TEST $ApplicationContextPath

The context path of the application

For example: /example/somethingelse

$ApplicationFirstSeen When the application was first seen, in Unix time For example: 1572033840000 $ApplicationHasParentApp

Returns true if the application has a parent, false if not

$ApplicationImportance Enumerated value of the application Importance level For example: MEDIUM $ApplicationId

The unique ID Contrast assigns to an application when it is created

For example: 49fe2978-1833-4441-83db-2b7o486d9413

$ApplicationImportanceDescription The importance level assigned to the application For example: Medium $ApplicationLanguage

The programming language of the application

$ApplicationLastSeen When the application was last seen, in Unix time For example: 1572033840000 $ApplicationLicenseLevel

$ApplicationMaster Returns true if the application is a primary application, false if not $ApplicationName

The name of the application

$ApplicationParentAppId The unique ID Contrast assigns to an application when it’s created, in this case, the parent application, if it exists For example: 49fe2978-1833-4441-83db-2b7o486d9413 $ApplicationTotalModules

The number of modules your application has

Server variables

$Environment The environment of the server For example: DEVELOPMENT or PRODUCTION $ServerId

The ID of the server involved in the event

If more than one server is involved, this is a comma-delimited list of server IDs.

$ServerName The name of the server involved in the event If more than one server is involved, this is a comma-delimited list of server names Vulnerability variables $Severity

If this event is triggered by a vulnerability, this is the severity of the vulnerability

$Status If this event is triggered by a vulnerability, this is the status of the vulnerability $TraceId

If this event is triggered by a vulnerability, this is the vulnerability ID

$VulnerabilityAppVersionTags The application versions the vulnerability is found in For example: v1.2.3 $VulnerabilityAutoRemediatedExpirationPeriod

Auto-remediated expiration period for the vulnerability, in Unix time

For example: 1572033840000

$VulnerabilityBugTrackerTickets A comma delimited list of tickets created when the vulnerability was sent to bugtracker For example: ticket1, ticket2, ticket3 $VulnerabilityCategory

The category of vulnerability found For example: Injection

$VulnerabilityClosedTime When the vulnerability was closed, in Unix time For example: 1572033840000 $VulnerabilityConfidence

Confidence of the vulnerability

$VulnerabilityDefaultSeverity Default severity of the vulnerability $VulnerabilityDiscovered

When the vulnerability was first discovered, in Unix time

For example: 1572033840000

$VulnerabilityEvidence The evidence of the vulnerability $VulnerabilityInstanceUuid

The unique ID Contrast assigns to a vulnerability instance when it is created

For example:  R33T-N00B-TGIF-RM6P

$VulnerabilityFirstTimeSeen When the vulnerability was first seen, in Unix time For example: 1572033840000 $VulnerabilityImpact

The impact level of the vulnerability Values: Low, Medium, High

$VulnerabilityLanguage The programming language of the agent that discovered the vulnerability $VulnerabilityLastTimeSeen

Last time the vulnerability was seen, in Unix time For example: 1572033840000

$VulnerabilityInstanceLastTimeSeen Last time the vulnerability was seen, in Unix time For example: 1572033840000 $VulnerabilityLicenseLevel

$VulnerabilityLikelihood The likelihood of the vulnerability Values: Low, Medium, High $VulnerabilityReportedToBugTracker

When the vulnerability was sent to a bugtracker, in Unix time

For example: 1572033840000

$VulnerabilityReportedToBugTrackerTime Returns true If the vulnerability was sent to a bugtracker $VulnerabilityRule

Rule associated with the vulnerability

$VulnerabilityRuleName Name of the rule associated to the vulnerability $VulnerabilityRuleTitle

Title of the rule associated to the vulnerability

$VulnerabilitySubStatus Substatus of the vulnerability $VulnerabilitySubTitle

Substatus of the vulnerability

$VulnerabilityTags Custom tags associated with the vulnerability For example: my-custom-tag $VulnerabilityTitle

Title of the vulnerability

$VulnerabilitySubStatusKeyCode Key code of the vulnerability substatus $VulnerabilityTotalTracesReceived

Total number of times the vulnerability was received

$VulnerabilityVisible true if the vulnerability is licensed and visible, false if not $VulnerabilityRule

If event is triggered by a vulnerability, this is the rule that the vulnerability violated

\$VulnerabilityTags

If event is triggered by a vulnerability, this is a comma-delimited list of tags associated with the vulnerability