Write Zoom Webhook Events to New Relic's Log API.
- Zoom Marketplace developer access
- Zoom requires an HTTPS connection with a TLS certificate from Certificate Authority (CA), NOT SELF-SIGNED certificate. If you need help with this see below in Development
- Docker installed and running on the target host
- Ensure you have CA certificates, see Development below
- Build the Docker image (
docker build --no-cache --tag zoom-logger .) using thisDockerfile
# syntax=docker/dockerfile:1
# Step 1: Build the application from source
FROM golang:1.21-alpine AS build-stage
WORKDIR /build
# The Go image does not include git, add it to Alpine
RUN apk add git
RUN git clone https://github.com/newrelic-experimental/ZoomWebhookToLog.git
WORKDIR ZoomWebhookToLog
# Install the application's Go dependencies
RUN go mod download
# Build the executable
RUN GOARCH=amd64 GOOS=linux go build -o /zoomLogger internal/main.go
# Step 2: Deploy the application binary into a lean image
FROM alpine AS build-release-stage
WORKDIR /
COPY --from=build-stage /zoomLogger /zoomLogger
# COPY certs in from a local location- for instance:
# NOTE: if you use mount to add the certs symlinks that are not a sub directory will not work- this is a Dockerism
COPY cert/privkey1.pem ./key.pem
COPY cert/fullchain1.pem ./cert.pem
# Neither ENTRYPOINT nor CMD support ENV variables so manually keep EXPOSE and "-Port" in-sync
# Default is TLS
EXPOSE 443
ENTRYPOINT ["/zoomLogger", "-Port", "443"]- Prepare, but DO NOT run, the application to run as a detached process that can survive user logout. How to do this is beyond the scope of this document, here are some useful references:
- [systemd on Linux] (http://tuxgraphics.org/npa/systemd-scripts/)
- [User defined Service on Windows] (https://learn.microsoft.com/en-us/troubleshoot/windows-client/deployment/create-user-defined-service)
- [Docker on Linux] (https://linux.how2shout.com/how-to-start-docker-container-automatically-on-boot-in-linux/)
Configuration with defaults is self-describing for this application:
Usage of bin/mac-zoomProcessor:
-CertFile string
Path to cert file (default "cert.pem")
-FlushInterval int
Number of milliseconds to wait before flushing the Zoom Event buffer to New Relic (default 500)
-FlushMaxSize int
Number of bytes to buffer before writing to the New Relic Log API (default 100000)
-IngestKey string
New Relic Ingest key
-KeyFile string
Path to key file (default "key.pem")
-LogApiEndpoint string
New Relic Log API HTTP endpoint ( https://docs.newrelic.com/docs/logs/log-api/introduction-log-api/#endpoint ) (default "https://log-api.newrelic.com/log/v1")
-LogLevel string
Golang slog log level: debug | info | warn | error (default "info")
-NoZoomTLS
DO NOT listen for Zoom Webhooks on TLS
-Port string
Port to listen on for inbound Webhook events (default "443")
-ZoomSecret string
Zoom webhook secret token from the Zoom Marketplace Add Feature page of this app
Configuration begins with command line arguments, which may then be overridden with environment variables.
NOTE: This program is written in Go and uses the Go flag package for command line argument processing. The Go philosophy for boolean command line flags is that they default to false and their presence on the command line turns
them to true. If you want to explicitly set a command line boolean you must use an = sign. For instance -NoZoomTLS=true, -NoZoomTLS also sets the flag to true.
NOTE: As Zoom requires a TLS connection this program defaults to the use of TLS and you must explicitly disable TLS with -NoZoomTLS if you plan on handling TLS in the network front-end.
File paths should be fully qualified to avoid problems. When using Bash, relative paths are relative to the PWD envvar when the application is started. For instance, if the application is in ./bin and the certs are in ./scratch
bin/zoomProcessor -CertFile scratch/cert.pem -IngestKey 1 -ZoomSecret 1 -KeyFile scratch/key.pem works
NOTE: All command line parameters can be overridden with envvars
- Login to the Zoom App Marketplace. You must have Developer permissions.
- Pull down
Developin the top right corner and selectBuild App
- Select
CreateunderWebhook OnlyfromChoose your app type
(NOTE: if you do not have Developer permissions you will not be able to click this button) - Name your App in the
Create a Webhook appdialog and pressCreate
- Fill-in the
Informationfor the App, all fields are required- For
Privacy,Terms, andSupportyou may link to the respective.mdfiles in this repository - Press
Continue
- For
- On the
Featuretab save theSecret Token!
- Add the
Secret Tokenfrom Step 3 to the App's configuration - Start the application, opening the
EXPOSEport to the outside world
docker run -p 443:443/tcp zoom-logger -IngestKey YOUR_NEW_RELIC_INGEST_KEY -ZoomSecret YOUR_ZOOM_SECRET -LogLevel info - From the
Featuretab enableEvent Subsriptions
- Fill in
- Subscription name (optional)
- Event notification endopoint URL (the web address of YOUR webhook)
- Click
Validate
- Assuming everything is setup properly you can now
Add Events. The comprehensive list of Webhook Events is here
- Select the Events you want to log and press
Done
- Press
Saveand thenContinueand your Webhook is activated
- Login into One New Relic
- Open
Query Your Data
- Query the data using NRQL
select * from Log where source = 'ZoomWebhook' since 1 week ago
- Needs a cert & key pem
- Needs permission to listen on 443
- CANNOT BE SELF-SIGNED, try https://certbot.eff.org/instructions?ws=other&os=ubuntufocal
The app provides a health check endpoint at /healthcheck which returns a 200 status code when the app is available.
- Check the command line args
docker run -p 443:443/tcp zoom-logger -help - Run the raw Go app
go build -o bin/mac-zoomProcessor internal/main.go && bin/mac-zoomProcessor -ZoomTLS=false -IngestKey=1234 -ZoomSecret=1234 - Look at the Docker logs
- Ensure Docker builds fresh
docker build --no-cache --tag zoom-logger .
- Install Go 1.21 on the system
- Download the Release
- unzip/tar the Release
- cd into the Release directory
go mod download
See here for a list of GOOS and GOARCH values. Requires go 1.21.
GOOS=linux GOARCH=amd64 go build -o bin/zoomProcessor internal/main.go- Let's Encrypt is a good, free, CA to get around the no self-signing problem
- certbot works with Let's Encrypt
- Zoom Webhook developer docs
- Zoom example Webhook written in NodeJS
New Relic has open-sourced this project. This project is provided AS-IS WITHOUT WARRANTY OR DEDICATED SUPPORT. Issues and contributions should be reported to the project here on GitHub.
We encourage you to bring your experiences and questions to the Explorers Hub where our community members collaborate on solutions and new ideas.
We encourage your contributions to improve this project! Keep in mind when you submit your pull request, you'll need to sign the CLA via the click-through using CLA-Assistant. You only have to sign the CLA one time per project. If you have any questions, or to execute our corporate CLA, required if your contribution is on behalf of a company, please drop us an email at opensource@newrelic.com.
A note about vulnerabilities
As noted in our security policy, New Relic is committed to the privacy and security of our customers and their data. We believe that providing coordinated disclosure by security researchers and engaging with the security community are important means to achieve our security goals.
If you believe you have found a security vulnerability in this project or any of New Relic's products or websites, we welcome and greatly appreciate you reporting it to New Relic through HackerOne.
This project is licensed under the Apache 2.0 License.