π 1: Create the Webhook in KnowBe4 PhishER
Go to
Settings β Integrations β Webhooks β Add WebhookFill in:
Name:
revel8URL:
https://hook.eu1.make.com/{your_custom_hook}Available Data: check
Headers(you can leave the rest unchecked)
Click
Save/Update
π§ 2: Create the Rule (match our header)
Navigate to
PhishER β Rules β New RuleSet:
Name:
revel8 - header match(Optional) Set Tag:
revel8
Create Strings: add a string for our header
Example:
$string_1 = "X-CS-OID: <Your Org ID>"
Condition: set
any of themto match when the header is presentClick
Save
π€ 3: Create the Action (forward via webhook)
Go to
PhishER β Actions β New ActionConfigure:
Name:
revel8 ForwardTrigger:
Specify Tags β Has β Only β revel8(or whichever tag you set in the rule)Report this action:
Send to Webhook β select "revel8"(the webhook from Step 1)
Click
Save
π¨ 4. Header Description (what weβre looking for)
Header name:
X-CS-OIDPurpose: identifies CompanyShield simulation reports
Example format:
X-CS-OID: <your-org-or-tenant-id>
π Requirements & Notes
Ensure your Make.com custom webhook is active and accessible from KnowBe4
The rule must tag items (e.g., revel8) so the action trigger can scope correctly
The header string must match exactly (including the "X-CS-OID" prefix)
β Final Checklist
Webhook revel8 created with URL
https://hook.eu1.make.com/{your_custom_hook}Headers selected under Available Data
Rule "revel8 β header match" created
String added for header (e.g.
$string_1 = "X-CS-OID: <Your Org ID>")Condition set to any of them to match header presence
Action "revel8 Forward" created
Trigger set to Specify Tags β Has β Only β revel8
Action set to Send to Webhook β revel8