search
Go to websiteGo to app

GitHub Integration

GitHub is a code hosting and collaboration platform that supports native webhook delivery for repository events. When something happens in your repository — a push, a failed workflow, a new vulnerability alert — GitHub can send a real-time HTTP POST request to any endpoint you configure.

This integration connects GitHub to ITOC360 so that repository events automatically create or resolve incidents in your on-call workflow. No middleware or third-party service required; the webhook goes directly from GitHub to ITOC360.

hashtag
How It Works

GitHub sends a webhook payload to itoc360 every time a subscribed event occurs in your repository. The X-GitHub-Event header in each request identifies the event type — ITOC360 uses this to determine whether to open or resolve an incident. For events like workflow failures or vulnerability alerts, a new incident is created. When the same workflow succeeds on a subsequent run, or the vulnerability is dismissed, ITOC360 automatically resolves it.

hashtag
Prerequisites

  • A GitHub repository where you have admin access

  • Your ITOC360 webhook URL, generated when you create the integration

hashtag
In ITOC360

Go to Integrations, click Add Integration, and select GitHub from the list. Copy the webhook URL that appears — you'll paste it into GitHub in the next step.

hashtag
In GitHub

hashtag
Step 1 — Open Webhooks Settings

Navigate to your repository on GitHub. Click Settings in the top navigation bar, then find Webhooks in the left sidebar under Code and automation.

Click Add webhook in the top right corner.

hashtag
Step 2 — Configure the Webhook

Fill in the form as follows:

  • Payload URL — paste your ITOC360 webhook URL here

  • Content type — select application/json

  • Secret — leave this empty

  • SSL verification — leave Enable SSL verification selected

  • Which events would you like to trigger this webhook? — select Send me everything

  • Make sure Active is checked at the bottom

Click Add webhook to save. GitHub will immediately send a ping request to confirm the connection is working.

hashtag
Supported Events

ITOC360 processes the following GitHub event types:

Event
Trigger
Resolve

workflow_run

Workflow fails or times out

Workflow succeeds

deployment_status

Deployment errors or fails

Deployment succeeds

check_run

Check fails or requires action

Check passes

pull_request

PR opened or updated

PR closed

issues

Issue opened

Issue closed

repository_vulnerability_alert

Vulnerability detected

Vulnerability dismissed or fixed

push

Commit pushed to any branch

release

Release published

All other event types are accepted and logged as alerts with a default priority.

hashtag
Notes

  • GitHub identifies event types via the X-GitHub-Event request header, not the payload body. ITOC360 reads this header automatically — no additional configuration needed.

  • If you want to limit noise, you can go back to the webhook settings and switch from Send me everything to Let me select individual events, then choose only the events relevant to your workflow.

  • The webhook secret field is optional. If you set one in GitHub, ITOC360 will ignore it (signature verification is not enforced at the receiver).

PreviousElastic IntegrationsNextGitLab Integration

Last updated

Was this helpful?