Integrations¶

Integrate Smailander with your existing tools and workflows using webhooks.

Webhook Integration¶

Smailander sends real-time events to your external services via webhooks. This allows you to integrate Smailander with your existing security tools, notification systems, and automation workflows.

Creating a Webhook¶

Create a webhook in the Smailander dashboard:

Navigate to Settings → Webhooks
Click Create Webhook
Enter your webhook URL
Select events to receive
Set a secret for signature verification
Click Save

Webhook Events¶

Smailander sends the following events:

Event	Description
`email.received`	New email received by honeypot
`threat.detected`	Threat detected in email
`malware.found`	Malware detected in attachment
`phishing.detected`	Phishing attempt detected

Webhook Payload¶

Example webhook payload:

{
  "event": "email.received",
  "timestamp": "2026-03-12T14:30:15Z",
  "data": {
    "email_id": "email_1234567890",
    "honeypot": "test@company.com",
    "from": "attacker@malicious.com",
    "subject": "Urgent: Account compromised",
    "threat_score": 85,
    "threat_type": "malware"
  }
}

Notification Integrations¶

Slack Integration¶

Receive Smailander alerts in your Slack channels:

const express = require('express');
const app = express();
app.use(express.json());

app.post('/slack-webhook', async (req, res) => {
  const event = req.body;

  if (event.type === 'email.received') {
    await fetch('https://hooks.slack.com/services/YOUR/WEBHOOK/URL', {
      method: 'POST',
      body: JSON.stringify({
        text: `📧 New email from ${event.data.from}`,
        attachments: [{
          text: `Subject: ${event.data.subject}`,
          fields: [{
            title: 'Threat Score',
            value: event.data.threat_score,
            short: true
          }, {
            title: 'Honeypot',
            value: event.data.honeypot,
            short: true
          }]
        }]
      })
    });
  }

  res.json({ received: true });
});

Discord Integration¶

Send alerts to Discord:

const Discord = require('discord.js');
const client = new Discord.Client();

client.on('webhookEvent', async (event) => {
  if (event.type === 'threat.detected') {
    const channel = client.channels.get('YOUR_CHANNEL_ID');
    await channel.send({
      embeds: [{
        title: '🚨 Threat Detected',
        description: `From: ${event.data.from}`,
        fields: [
          { name: 'Threat Type', value: event.data.threat_type },
          { name: 'Threat Score', value: event.data.threat_score },
          { name: 'Subject', value: event.data.subject }
        ],
        color: 0xff0000
      }]
    });
  }
});

Microsoft Teams Integration¶

Receive alerts in Microsoft Teams:

app.post('/teams-webhook', async (req, res) => {
  const event = req.body;

  if (event.type === 'threat.detected') {
    await fetch('https://outlook.office.com/webhook/YOUR/WEBHOOK/URL', {
      method: 'POST',
      body: JSON.stringify({
        "@type": "MessageCard",
        "title": "🚨 Threat Detected",
        "text": `From: ${event.data.from}`,
        "sections": [{
          "facts": [{
            "name": "Threat Score",
            "value": event.data.threat_score.toString()
          }, {
            "name": "Threat Type",
            "value": event.data.threat_type
          }]
        }]
      })
    });
  }

  res.json({ received: true });
});

SIEM Integration¶

Splunk Integration¶

Send events to Splunk:

import requests

def send_to_splunk(event):
    hec_url = "https://splunk.yourcompany.com:8088/services/collector"
    headers = {
        'Authorization': 'Splunk YOUR_HEC_TOKEN',
        'Content-Type': 'application/json'
    }

    data = {
        'sourcetype': 'json',
        'event': event
    }

    requests.post(hec_url, json=data, headers=headers)

Elasticsearch Integration¶

Index events in Elasticsearch:

from elasticsearch import Elasticsearch

es = Elasticsearch(['https://elastic.yourcompany.com'])

def index_event(event):
    es.index(
        index='smailander-events',
        body=event
    )

Ticketing Integration¶

Jira Integration¶

Create Jira tickets for threats:

const axios = require('axios');

async function createJiraTicket(event) {
  const issue = {
    fields: {
      project: { key: 'SEC' },
      summary: `Threat from ${event.data.from}`,
      description: event.data.content,
      issuetype: { name: 'Security Issue' },
      priority: {
        name: event.data.threat_score > 70 ? 'High' : 'Medium'
      }
    }
  };

  await axios.post(
    'https://yourcompany.atlassian.net/rest/api/3/issue',
    issue,
    {
      auth: {
        username: 'YOUR_EMAIL',
        password: 'YOUR_API_TOKEN'
      }
    }
  );
}

ServiceNow Integration¶

Create incidents in ServiceNow:

const incident = {
  short_description: `Threat from ${event.data.from}`,
  description: event.data.content,
  severity: event.data.threat_score > 70 ? '1' : '2',
  impact: event.data.threat_score > 70 ? '1' : '2',
  urgency: event.data.threat_score > 70 ? '1' : '2'
};

await fetch('https://yourcompany.service-now.com/api/now/table/incident', {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Authorization': 'Basic ' + btoa('USER:PASSWORD')
  },
  body: JSON.stringify(incident)
});

Automation Integration¶

Zapier Integration¶

Connect Smailander to thousands of apps:

Create a Zapier account
Create a new Zap
Set up webhook trigger
Use Smailander webhook URL
Connect to your favorite apps

Security Integration¶

Verify Webhook Signatures¶

Always verify webhook signatures for security:

const crypto = require('crypto');

function verifyWebhook(payload, signature, secret) {
  const hmac = crypto.createHmac('sha256', secret);
  hmac.update(payload);
  const expectedSignature = hmac.digest('base64');

  return crypto.timingSafeEqual(
    Buffer.from(signature),
    Buffer.from(expectedSignature)
  );
}

// Usage
app.post('/webhook', (req, res) => {
  const signature = req.headers['x-smailander-signature'];
  const isValid = verifyWebhook(req.rawBody, signature, 'YOUR_SECRET');

  if (!isValid) {
    return res.status(401).send('Invalid signature');
  }

  // Process webhook
});

Best Practices¶

Verify Signatures: Always verify webhook signatures
Error Handling: Implement proper error handling
Logging: Log all webhook events for debugging
Idempotency: Make handlers idempotent (handle duplicate events)
Testing: Test thoroughly before production
Monitoring: Monitor webhook delivery success rate
Rate Limiting: Protect your endpoints from abuse

Troubleshooting¶

Webhook Not Receiving Events¶

Check: - Webhook URL is accessible - Events are selected in Smailander - Secret matches - Firewall allows inbound traffic

Signature Verification Fails¶

Check: - Secret is correct - Payload is not modified - Use raw body for verification

Events Delayed¶

Check: - Network connectivity - Endpoint response time - Retry logic implementation

Support¶

API Overview - API documentation
Webhooks - Webhook configuration
Architecture - System architecture
FAQ - Common questions
Contact - Get support