MENU
      Contents x
      Slack
      • 03 Mar 2023
      • 1 Minute to read
      • Print
      • Dark
      Contents
        This documentation version is deprecated, please click here for the latest version.

      Slack

      • Updated on 03 Mar 2023
      • 1 Minute to read
      • Print
      • Dark
      Article summary

      Output detections and audit (only) to a Slack community and channel.

      • slack_api_token: the Slack provided API token used to authenticate.
      • slack_channel: the channel to output to within the community.

      Example:

      slack_api_token: sample_api_token
slack_channel: #detections
      YAML

      Provisioning:

      To use this Output, you need to create a Slack App and Bot. This is very simple:

      1. Head over to https://api.slack.com/apps
      2. Click on "Create App" and select the workspace where it should go
      3. From the sidebar, click on OAuth & Permissions
      4. Go to the section "Bot Token Scope" and click "Add an OAuth Scope"
      5. Select the scope chat:write
      6. From the sidebar, click "Install App" and then "Install to Workspace"
      7. Copy token shown, this is the slack_api_token you need in LimaCharlie
      8. In your Slack workspace, go to the channel you want to receive messages in, and type the slash command: /invite @limacharlie (assuming the app name is limacharlie)
      Was this article helpful?
      What's Next