ROB-3785 Add Send Events API documentation with integration guides

[naomi-robusta]

Summary

This PR adds comprehensive documentation for the new Send Events API, a unified webhook endpoint for ingesting alerts, incidents, and changes from monitoring systems into Robusta. The documentation includes the main API reference and step-by-step integration guides for 18+ monitoring platforms.

Key Changes

• New Send Events API documentation (send-events-api.rst): Complete API reference including:

  • Overview of the webhook endpoint and its capabilities
  • Query parameter specifications (account_id, origin, type, labels)
  • Authentication via Bearer token
  • Example curl request
  • Response codes and error handling
  • Delivery Log UI reference

• Integration guides for 18 monitoring platforms:

  • Prometheus/AlertManager: alertmanager.rst
  • Incident Management: PagerDuty, Opsgenie, Rootly, Incident.io
  • APM & Observability: Datadog, New Relic, Dynatrace, Splunk, Sentry
  • Cloud Providers: GCP Cloud Monitoring, Azure Monitor, AWS CloudWatch
  • Changes & Deployments: Argo CD, GitHub, LaunchDarkly
  • Other: Nagios, SolarWinds
  • Grafana (Prometheus/AlertManager category)

• Each integration guide includes:

  • Prerequisites (account ID, API key requirements, platform-specific permissions)
  • Webhook URL template
  • Step-by-step configuration instructions
  • Verification steps

• Documentation structure updates:

  • Updated main configuration index to feature Send Events API prominently
  • Updated main docs index to reference Send Events API instead of legacy Send Alerts API
  • Organized integrations by category (Prometheus, APM, Cloud, Incident Management, Changes, Other)

Notable Implementation Details

• The Send Events API accepts arbitrary JSON payloads with per-origin parsers for known sources
• Supports three event types: alert, incident, and change
• Flexible authentication: Bearer token in Authorization header or URL query parameter (token) for platforms that don't support custom headers
• All integration guides follow a consistent template for easy maintenance and user experience
• Maintains backward compatibility with legacy Send Alerts API

https://claude.ai/code/session_01HiDKwRb85FXHRH39WhrEwS

[github-actions]

✅ Docker image ready for 18444e2 (built in 33s)

• us-central1-docker.pkg.dev/robusta-development/temporary-builds/robusta-runner:18444e2

⚠️ Warning: does not support ARM (ARM images are built on release only - not on every PR)

Use this tag to pull the image for testing.

📋 Copy commands

⚠️ Temporary images are deleted after 30 days. Copy to a permanent registry before using them:

gcloud auth configure-docker us-central1-docker.pkg.dev
docker pull us-central1-docker.pkg.dev/robusta-development/temporary-builds/robusta-runner:18444e2
docker tag us-central1-docker.pkg.dev/robusta-development/temporary-builds/robusta-runner:18444e2 me-west1-docker.pkg.dev/robusta-development/development/robusta-runner-dev:18444e2
docker push me-west1-docker.pkg.dev/robusta-development/development/robusta-runner-dev:18444e2

Patch Helm values in one line:

helm upgrade --install robusta robusta/robusta \
  --reuse-values \
  --set runner.image=me-west1-docker.pkg.dev/robusta-development/development/robusta-runner-dev:18444e2

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

Walkthrough

This PR introduces comprehensive documentation for Robusta's new "Send Events API"—a unified webhook endpoint for ingesting alerts, incidents, and changes from 14+ monitoring platforms—and replaces references to the legacy "Send Alerts API" throughout the documentation site.

Changes

Send Events API Documentation

Layer / File(s)	Summary
Send Events API Specification docs/configuration/exporting/send-events-api.rst	Defines the /webhooks endpoint with query parameters (account_id, origin, type), Bearer token authentication scoped to account_id, request/response format, HTTP error codes (400, 401, 429, 503), and a grid of integrations linking to per-vendor setup docs.
Integration Setup Guides docs/configuration/exporting/send-events/*.rst	Fourteen vendor-specific guides (AlertManager, AWS CloudWatch, Azure Monitor, Datadog, Dynatrace, GCP Monitoring, Grafana, Nagios, New Relic, Opsgenie, PagerDuty, Sentry, SolarWinds, Splunk). Each covers prerequisites, webhook URL template, platform configuration steps, and verification via Delivery Log and Robusta timeline.
Navigation and Index Updates docs/configuration/exporting/robusta-pro-features.rst, docs/configuration/index.rst, docs/index.rst	Replace "Send Alerts API" with "Send Events API" in Pro features, add "Programmatic Integration" section linking legacy APIs on configuration landing page, and register Send Events API in HTTP APIs toctree for site discoverability.

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly Related PRs

• robusta-dev/robusta#1902: Overlapping edits to exporting docs and API documentation reorganization including send-alerts-api changes.
• robusta-dev/robusta#2068: Also edits Send Alerts API documentation in the same alert-API surface area.
• robusta-dev/robusta#2013: Modifies docs/configuration/exporting/robusta-pro-features.rst and HTTP APIs listing.

Suggested Reviewers

• arikalon1
• pavangudiwada
• moshemorad

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The pull request title accurately summarizes the main change: adding Send Events API documentation with integration guides for multiple monitoring platforms.
Description check	✅ Passed	The description is well-structured and clearly related to the changeset, detailing the Send Events API documentation, integration guides for 18+ platforms, and documentation structure updates.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch claude/reorganize-alerts-events-api-iHfSY

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 5

🧹 Nitpick comments (2)

docs/configuration/exporting/send-events/launchdarkly.rst (1)

27-27: ⚡ Quick win

Add security warning for URL query-parameter token exposure

At line 27, appending the token as a query parameter (&token=...) is a recognized security risk because query parameters leak via server logs, proxy logs, and browser history. Add a brief note recommending the use of scoped API keys with a rotation policy to mitigate exposure.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/configuration/exporting/send-events/launchdarkly.rst` at line 27, Update
the LaunchDarkly docs line that instructs appending "&token=<ROBUSTA_API_KEY>"
to the URL by adding a brief security warning: note that query-parameter tokens
can be exposed in server/proxy logs and browser history, recommend using HMAC
signing where supported instead, and advise using scoped API keys with limited
permissions plus a rotation policy to mitigate exposure. Ensure the warning is
adjacent to the existing LaunchDarkly guidance so readers see the safer
alternatives and key management recommendations.

docs/configuration/exporting/send-events-api.rst (1)

254-254: ⚡ Quick win

Add trailing newlines to all documentation files.

All seven RST files in this PR are missing a trailing newline at the end of the file. POSIX-compliant text files should end with a newline character, and some version control systems and text processing tools expect this.

Files affected:

• send-events-api.rst (line 254)
• dynatrace.rst (line 39)
• argocd.rst (line 53)
• opsgenie.rst (line 38)
• alertmanager.rst (line 49)
• splunk.rst (line 40)
• pagerduty.rst (line 48)

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/configuration/exporting/send-events-api.rst` at line 254, Add a trailing
newline character at EOF for each of the seven RST files listed
(send-events-api.rst, dynatrace.rst, argocd.rst, opsgenie.rst, alertmanager.rst,
splunk.rst, pagerduty.rst) so they become POSIX-compliant text files; open each
file (e.g., send-events-api.rst) and ensure the last line ends with a single
'\n' character, save the file and commit the change.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@docs/configuration/exporting/send-events/argocd.rst`:
- Line 47: Add a concrete example showing how to set the annotation key by
replacing <trigger> with a real trigger name (e.g., "on-sync-failed") and
include a complete annotation snippet for an Argo CD Application
(metadata.annotations with
notifications.argoproj.io/subscribe.on-sync-failed.robusta: "enabled" or a list
of receivers/triggers). Reference the annotation pattern
notifications.argoproj.io/subscribe.<trigger>.robusta and provide a minimal
Application metadata example so readers can copy/paste a fully-formed
annotation.

In `@docs/configuration/exporting/send-events/aws-cloudwatch.rst`:
- Line 48: The external HTTP call uses urllib.request.urlopen(req).read()
without a timeout; change the call to pass an explicit timeout (e.g.,
urllib.request.urlopen(req, timeout=5)) so the Lambda fails fast on network
issues; locate the usage of urllib.request.urlopen and the req variable in the
sample and add the timeout argument (and optionally handle
urllib.error.URLError/timeout exceptions where the .read() result is used).

In `@docs/configuration/exporting/send-events/github.rst`:
- Around line 27-31: Add an explicit security warning under the GitHub webhooks
URL-token example (the example URL containing ...?token=<ROBUSTA_API_KEY>)
stating that embedding tokens in URLs can leak via browser history, server logs,
and referrers; advise to prefer header-based authentication when available, and
if query-token must be used recommend scoping the token, rotating it frequently,
and using short-lived tokens or limited-permission API keys. Place this notice
immediately after the code block and keep it concise and prominent (e.g., a
warning admonition) so readers see the security guidance alongside the
token-in-URL example.

In `@docs/configuration/exporting/send-events/nagios.rst`:
- Line 31: Replace the plaintext API key in the Nagios notification command
sample (the "-H 'Authorization: Bearer <ROBUSTA_API_KEY>'" line) with a Nagios
resource macro such as "$USER20$"; update the surrounding text to instruct users
to define $USER20$ in a resource.cfg file and set restrictive file permissions
(600 or 660) and appropriate ownership so the secret is not exposed, and add a
short note advising that resource.cfg should be protected from backups and
unauthorized access per Nagios Core security best practices.

In `@docs/configuration/index.rst`:
- Around line 14-26: Update the card and toctree entries that reference the
legacy Send Alerts API so they point to the unified Send Events API: replace the
grid-item-card titled "Send Alerts API" (the card with :octicon:`code;1em;`) and
its :link value "exporting/send-alerts-api" with the new title "Send Events API"
and link "exporting/send-events-api", and change the inline description text
that currently mentions the legacy "/api/alerts" REST endpoint to a brief
statement about the unified Send Events API; also update the toctree entry
"exporting/send-alerts-api" to "exporting/send-events-api".

---

Nitpick comments:
In `@docs/configuration/exporting/send-events-api.rst`:
- Line 254: Add a trailing newline character at EOF for each of the seven RST
files listed (send-events-api.rst, dynatrace.rst, argocd.rst, opsgenie.rst,
alertmanager.rst, splunk.rst, pagerduty.rst) so they become POSIX-compliant text
files; open each file (e.g., send-events-api.rst) and ensure the last line ends
with a single '\n' character, save the file and commit the change.

In `@docs/configuration/exporting/send-events/launchdarkly.rst`:
- Line 27: Update the LaunchDarkly docs line that instructs appending
"&token=<ROBUSTA_API_KEY>" to the URL by adding a brief security warning: note
that query-parameter tokens can be exposed in server/proxy logs and browser
history, recommend using HMAC signing where supported instead, and advise using
scoped API keys with limited permissions plus a rotation policy to mitigate
exposure. Ensure the warning is adjacent to the existing LaunchDarkly guidance
so readers see the safer alternatives and key management recommendations.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: d76692e0-c444-4e6c-9f6e-583a582c459b

📥 Commits

Reviewing files that changed from the base of the PR and between b059129 and 412042f.

📒 Files selected for processing (23)

• docs/configuration/exporting/robusta-pro-features.rst
• docs/configuration/exporting/send-events-api.rst
• docs/configuration/exporting/send-events/alertmanager.rst
• docs/configuration/exporting/send-events/argocd.rst
• docs/configuration/exporting/send-events/aws-cloudwatch.rst
• docs/configuration/exporting/send-events/azure-monitor.rst
• docs/configuration/exporting/send-events/datadog.rst
• docs/configuration/exporting/send-events/dynatrace.rst
• docs/configuration/exporting/send-events/gcp-monitoring.rst
• docs/configuration/exporting/send-events/github.rst
• docs/configuration/exporting/send-events/grafana.rst
• docs/configuration/exporting/send-events/incidentio.rst
• docs/configuration/exporting/send-events/launchdarkly.rst
• docs/configuration/exporting/send-events/nagios.rst
• docs/configuration/exporting/send-events/newrelic.rst
• docs/configuration/exporting/send-events/opsgenie.rst
• docs/configuration/exporting/send-events/pagerduty.rst
• docs/configuration/exporting/send-events/rootly.rst
• docs/configuration/exporting/send-events/sentry.rst
• docs/configuration/exporting/send-events/solarwinds.rst
• docs/configuration/exporting/send-events/splunk.rst
• docs/configuration/index.rst
• docs/index.rst

[CLAassistant]

All committers have signed the CLA.

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@docs/configuration/exporting/send-events/pagerduty.rst`:
- Line 33: Update the docs sentence that states "PagerDuty will sign the
payload, but Robusta authenticates on the API key alone — the signature is
ignored" by either (A) adding a brief architectural rationale and security
implications (explain why API-key-only was chosen, acknowledge risks of a single
compromised key, and advise mitigation steps such as key rotation, scoped keys,
rate limits and monitoring), or (B) implement signature validation in the
PagerDuty webhook processing path by adding a verify function (e.g.,
validate_pagerduty_signature or verify_pagerduty_webhook) called from the
PagerDuty webhook handler, plus a configuration flag (e.g.,
enable_pagerduty_signature_verification) and documentation showing how to add
the PagerDuty signing secret; then update the sentence to state that signatures
are validated when the flag is enabled and describe required config and behavior
on mismatch.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: c117f3f3-0490-45ed-9baf-76e105ac90ae

📥 Commits

Reviewing files that changed from the base of the PR and between fec0efe and d4b30e7.

📒 Files selected for processing (15)

• docs/configuration/exporting/send-events-api.rst
• docs/configuration/exporting/send-events/alertmanager.rst
• docs/configuration/exporting/send-events/aws-cloudwatch.rst
• docs/configuration/exporting/send-events/azure-monitor.rst
• docs/configuration/exporting/send-events/datadog.rst
• docs/configuration/exporting/send-events/dynatrace.rst
• docs/configuration/exporting/send-events/gcp-monitoring.rst
• docs/configuration/exporting/send-events/grafana.rst
• docs/configuration/exporting/send-events/nagios.rst
• docs/configuration/exporting/send-events/newrelic.rst
• docs/configuration/exporting/send-events/opsgenie.rst
• docs/configuration/exporting/send-events/pagerduty.rst
• docs/configuration/exporting/send-events/sentry.rst
• docs/configuration/exporting/send-events/solarwinds.rst
• docs/configuration/exporting/send-events/splunk.rst

✅ Files skipped from review due to trivial changes (13)

• docs/configuration/exporting/send-events/splunk.rst
• docs/configuration/exporting/send-events/grafana.rst
• docs/configuration/exporting/send-events/newrelic.rst
• docs/configuration/exporting/send-events/datadog.rst
• docs/configuration/exporting/send-events/azure-monitor.rst
• docs/configuration/exporting/send-events/gcp-monitoring.rst
• docs/configuration/exporting/send-events/solarwinds.rst
• docs/configuration/exporting/send-events/dynatrace.rst
• docs/configuration/exporting/send-events/opsgenie.rst
• docs/configuration/exporting/send-events/alertmanager.rst
• docs/configuration/exporting/send-events-api.rst
• docs/configuration/exporting/send-events/sentry.rst
• docs/configuration/exporting/send-events/nagios.rst

🚧 Files skipped from review as they are similar to previous changes (1)

• docs/configuration/exporting/send-events/aws-cloudwatch.rst