MENU
      Contents x
      Slack
      • 05 Oct 2024
      • 1 Minute to read
      • Print
      • Dark
      Contents

      Slack

      • Updated on 05 Oct 2024
      • 1 Minute to read
      • Print
      • Dark
      Article summary

      Output detections and audit (only) to a Slack community and channel.

      • slack_api_token: the Slack provided API token used to authenticate.

      • slack_channel: the channel to output to within the community.

      Example:

      slack_api_token: sample_api_token
slack_channel: #detections
      YAML

      Provisioning:

      To use this Output, you need to create a Slack App and Bot. This is very simple:

      1. Head over to https://api.slack.com/apps

      2. Click on "Create App" and select the workspace where it should go

      3. From the sidebar, click on OAuth & Permissions

      4. Go to the section "Bot Token Scope" and click "Add an OAuth Scope"

      5. Select the scope chat:write

      6. From the sidebar, click "Install App" and then "Install to Workspace"

      7. Copy token shown, this is the slack_api_token you need in LimaCharlie

      8. In your Slack workspace, go to the channel you want to receive messages in, and type the slash command: /invite @limacharlie (assuming the app name is limacharlie)

      Was this article helpful?
      Related articles
      What's Next