Possibly a question out of left field, but is there an easy way to force a host to have a vulnerability detected, such that the vulnerabilities webhook fires, so that the webhook can be tested without needing to wait an indeterminate period of time to verify if it is working? Also, is there a means to find out from the Fleet logs when/if the webhook has fired; for instance, to find out if the receiving service (e.g., Slack) rejected the POST data (such as if the

host_batch_size

is too large)?

Hey @Alex Sullivan, it doesn't seem like there's a great way to force a host to have a vulnerability detected to fire off the webhook. We have the ability to force the trigger for policies, but not vulnerabilities just yet. To answer your second question, a failed webhook would appear in the Fleet logs: https://github.com/fleetdm/fleet/blob/0173e3b12c34184bd83b5a680450b506a7ca9beb/server/webhooks/vulnerabilities.go#L73

Copy, thanks for that information!