SIEM
Native SIEM webhook forwarding is not yet available in Robost.
Roadmap
Section titled “Roadmap”Automated event forwarding to SIEM platforms is on the roadmap. No release date is currently committed.
Interim: polling the Alerts API
Section titled “Interim: polling the Alerts API”While native SIEM forwarding is unavailable, you can poll the Robost alerts list programmatically. The backend exposes a GET /api/alerts endpoint that returns paginated alert records. Any authenticated session can call the endpoint — the only requirement is a valid clarity_session cookie obtained via POST /api/auth/login.
Typical steps:
- Authenticate with
POST /api/auth/loginto obtain a session cookie. - Poll
GET /api/alertson a schedule and forward the results to your SIEM ingestion pipeline. - Track the highest
created_attimestamp you have processed to avoid re-ingesting old records.
This approach requires you to manage the polling loop and session renewal yourself. If you need event forwarding at scale, contact support to discuss your requirements and inform the roadmap.