brily
Integrations

Webhooks.

Brily dispatches signed webhooks for monitor events, incident updates, and NPS responses. Generic webhooks accept any URL; named presets handle the quirks of PagerDuty and Opsgenie.

Create a webhook

In Settings → Webhooks, click New webhook. Provide:

  • URL — any HTTPS endpoint. HTTP allowed only for localhost during development.
  • Events — multi-select from the list below.
  • Secret — we generate one; rotate any time.

Events

  • monitor.alert_triggered — a monitor has crossed its quorum + duration threshold
  • monitor.alert_recovered — the monitor is back to healthy
  • incident.created / incident.updated / incident.resolved
  • response.created — a new NPS response arrived
  • release.created — a new release marker was posted

Payload shape

{
  "event": "monitor.alert_triggered",
  "occurred_at": "2026-04-18T02:17:03Z",
  "project_id": "proj_7KfD1",
  "data": {
    "alert_id": "alt_7Fq",
    "monitor": {
      "id": "mon_9Fq2K3hC",
      "name": "api-health",
      "url": "https://api.example.com/health"
    },
    "severity": "p1",
    "regions_failing": ["fra", "hel"],
    "last_check_error": "status 503"
  }
}

Signing

Every dispatch includes an X-Brily-Signature header with an HMAC-SHA256 of the raw request body using your webhook secret. Verify before processing.

// Node.js
import crypto from "crypto";
import express from "express";

const app = express();
app.use(express.raw({ type: "application/json" }));

app.post("/hooks/brily", (req, res) => {
  const sig = req.header("X-Brily-Signature") ?? "";
  const expected = crypto
    .createHmac("sha256", process.env.BRILY_WEBHOOK_SECRET!)
    .update(req.body)
    .digest("hex");

  const valid = crypto.timingSafeEqual(
    Buffer.from(sig.replace(/^sha256=/, "")),
    Buffer.from(expected)
  );
  if (!valid) return res.status(401).end();

  const payload = JSON.parse(req.body.toString("utf-8"));
  // handle payload.event
  res.status(200).end();
});

Retry behaviour

Brily expects a 2xx response within 10 seconds. On non-2xx or timeout we retry with exponential backoff: 30s, 2m, 10m, 1h, 4h, 24h. After the final attempt we mark the webhook delivery as failed and surface it in Settings → Webhooks → Delivery log.

We do not require idempotency on your end — duplicate deliveries are rare — but consider de-duping on data.alert_id or a similar stable field for defensive hygiene.

Delivery log + replay

Every dispatch is logged for 30 days with status code, response body (first 4 KB), and latency. Individual deliveries can be replayed with one click — useful when your webhook handler deploys a fix.

PagerDuty preset

Select PagerDuty as the integration type instead of Generic. Paste your Events API v2 integration key. Brily's payload is translated into PagerDuty's expected shape; on-call routing and escalation policies live in PagerDuty as usual.

Opsgenie preset

Same pattern as PagerDuty. Paste your Opsgenie API key. We map severity p1/p2/p3 to Opsgenie priority P1/P3/P4 by default — override per webhook if you prefer different mappings.

Next
Monitors-as-code