Torq connector and actionedit

The Torq connector uses a Torq webhook to trigger workflows with Kibana actions.

Create connectors in Kibanaedit

You can create connectors in Stack Management > Connectors or as needed when you’re creating a rule. For example:

configured Torq connector
Connector configurationedit

Torq connectors have the following configuration properties:

Name
The name of the connector. The name is used to identify a connector in the Stack Management UI connector listing, and in the connector list when configuring an action.
Torq endpoint URL
Endpoint URL (webhook) of the Elastic Security integration you created in Torq.
Torq authentication header secret
Secret of the webhook authentication header.

Create preconfigured connectorsedit

If you are running Kibana on-prem, you can define connectors by adding xpack.actions.preconfigured settings to your kibana.yml file. For example:

xpack.actions.preconfigured:
  my-torq:
    name: preconfigured-torq-connector-type
    actionTypeId: .torq
    config:
      webhookIntegrationUrl: https://hooks.torq.io/v1/somehook
    secrets:
      token: mytorqtoken

Config defines information for the connector type.

webhookIntegrationUrl
An address that corresponds to Torq endpoint URL.

Secrets defines sensitive information for the connector type.

token
A string that corresponds to Torq authentication header secret.

Test connectorsedit

You can test connectors with the run connector API or as you’re creating or editing the connector in Kibana. For example:

Torq connector test

Torq actions have the following configuration properties.

Body
JSON payload to send to Torq.