Notification Destinations
Notification destinations define where CloudQuery Platform sends notifications when alerts are triggered or policy violations are detected. Each destination is an HTTP endpoint that receives POST requests with event details.
Creating a notification destination
- In the sidebar, click your user icon and select Admin Settings.
- Navigate to the Notification Destinations section.
- Click Add notification destination.
- Configure the following fields:
Destination name — a label to identify this destination when configuring alerts (e.g., “Slack - Security Channel” or “PagerDuty”).
Destination URL — the HTTP(S) endpoint to send notifications to. For Slack, use an Incoming Webhook URL. For other services, use their webhook or API endpoint.
Web request body — the JSON payload sent with each notification. Use placeholder variables to include dynamic alert data.
HTTP Headers — optional headers included with the request. Set Content-Type: application/json for most destinations.
Enabled — whether this destination is active. Disabled destinations do not receive notifications.
- Click Save notification destination.
Testing a destination
After saving, click Send test notification to verify the endpoint is reachable and the payload format is correct. Test notifications send the configured body with placeholder variables unreplaced — they show the raw template text.
Placeholder variables
Use these variables in the web request body to include dynamic data from the triggering alert:
| Variable | Description |
|---|---|
{{query_name}} | The name of the query the alert is configured on |
{{query_url}} | Direct URL to the query in the CloudQuery Platform SQL Console |
{{alert_status}} | Current alert state: triggered or inactive |
{{alert_severity}} | The severity level configured for the alert |
{{alert_message}} | The custom message configured for the alert |
{{alert_violations}} | The number of rows returned by the query |
Example: Slack webhook
To send alert notifications to a Slack channel:
- Create a Slack Incoming Webhook for your target channel.
- Set the Destination URL to the webhook URL.
- Add the header:
Content-Type: application/json. - Use this request body:
{
"text": "*{{alert_status}}* — {{query_name}}\nSeverity: {{alert_severity}}\nViolations: {{alert_violations}}\n<{{query_url}}|View in CloudQuery>"
}Example: Generic webhook
For services like PagerDuty, Opsgenie, or custom HTTP endpoints:
{
"title": "CloudQuery Alert: {{query_name}}",
"status": "{{alert_status}}",
"severity": "{{alert_severity}}",
"message": "{{alert_message}}",
"violations": "{{alert_violations}}",
"url": "{{query_url}}"
}Managing destinations
Notification destinations are shared across all alerts. You can:
- Edit a destination’s URL, body, headers, or enabled status at any time
- Delete a destination — alerts using it will stop sending to that endpoint
- Add the same destination to multiple alerts
Troubleshooting
Notifications are not being received
- Verify the destination URL is reachable from the CloudQuery Platform server.
- Check that the
Content-Typeheader matches what the receiving service expects (usuallyapplication/json). - Use the Send test notification button to confirm the endpoint responds.
- Alerts only send notifications on state changes — see Alerts: How alerts work for details.
Destination cannot parse the request body
Ensure the Content-Type header is set correctly. Most webhook endpoints expect application/json, but some services require application/x-www-form-urlencoded or other content types.