• 12 Mar 2024
  • 2 Minutes to read
  • Contributors
  • Dark
  • PDF


  • Dark
  • PDF

Article Summary

What is Workato?

Workato helps you automate business workflows across cloud and on-premises application. For example, automated quote-to-cash business processes, which may involve transferring data between apps such as Salesforce, Netsuite,, and Apttus.

Workato combines an enterprise-grade workflow automation platform with the ease of use expected from consumer apps, enabling both business and IT users to quickly build workflow automations.

Why should you use Workato?

Workato will assist Accedian with automation of the business flows across cloud and on-premise applications. Initially it will be used to send alerts generated from the Accedian platform to ticketing systems used by our customers. This can include Slack, Freshdesk, Jira, Salesforce to name a few.

How are Interceptor alerts pushed to Workato?

Interceptor alerts are pushed to Workato using a service called Alert Export Service. This service runs on the deployments and continuously looks for new alert export service configurations.

For the tenants, we want to push the alerts to Workato, we need to create Alert Export configuration using API call. As soon as the configuration is created the alerts start getting pushed to Workato.

Below is the API collection that should be used to create, update, delete and list alert export configuration.

The Postman collection below references the APIs that are called:

Alert Export Service.postman_collection.json

Some important fields of the configuration are shown below:

  • alertexporturl - This is the webhook which will receive the alert inside Workato.

Note: This webhook will be used inside the Workato recipe to receive alerts.

  • alertpolicylist - The alert export service will export alerts corresponding to Policy IDs mentioned inside this field to Workato. This is a filter mechanism to limit number of alerts hitting the Workato Webhook. The Policy IDs can be separated by a comma.

Here is a sample payload to create alert export configuration:

    "data" : {
        "type" : "alertExports",
        "attributes" : {
            "alertexportenabled": true,
            "alertexportname": "sqa3auto dev1 test",
            "alertexporttype": "webhook",
            "alertexporturl": "",
            "alertpolicylist": ["7a65509e-4562-44cc-a9fe-5af7cd783944"]

Here is the payload and the response in POSTMAN:

An example of a Workato recipe, where the webhook mentioned in the alert export configuration is used, is shown below:


The list of fields related to Interceptor alerts that are available in Workato and can be used to send customized messages, includes:

  • alertState
  • captureApplicationId
  • captureClientZoneId
  • captureLayer
  • captureServerZoneId
  • destinationIp
  • destinationPort
  • endTimestamp
  • applicationName
  • macClient
  • macServer
  • mitreTactics
  • objectId
  • policyId
  • policyType
  • processedTimestamp
  • securityJobType
  • severity
  • source
  • sourceIp
  • startTimestamp
  • tenantId
  • tenantName
  • timestamp
  • uid

© 2024 Accedian Networks Inc. All rights reserved. Accedian®, Accedian Networks®,  the Accedian logo™, Skylight™, Skylight Interceptor™ and per-packet intel™, are trademarks or registered trademarks of Accedian Networks Inc. To view a list of Accedian trademarks visit: 

Was this article helpful?

What's Next
Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.