Slack
Visualize Slack teams, channels, and users, map Slack users to employees, monitor changes through alerts and queries, and create issues within Slack channels.
- Installation guide
- Slack data model
Installation
To install this integration, you will need to add the JupiterOne Slack App to the Slack workspace you wish to use with JupiterOne.
Configuration in JupiterOne
You can add the JupiterOne Slack application through the JupiterOne dashboard. Navigate to the Integrations tab in JupiterOne and select Addigy. Click New Instance to begin configuring your integration.
Creating a configuration requires the following:
The Account Name used to identify the Addigy account in JupiterOne. Ingested entities will have this value stored in
tag.AccountNamewhen theAccountNametoggle is enabled.Description to assist in identifying the integration instance, if desired.
Polling Interval that you feel is sufficient for your monitoring needs. You may leave this as
DISABLEDand manually execute the integration.The Slack OAuth Scopes are pre-populated. You can adjust as desired by selecting/de-selecting from the drop-down.
noteAll read scopes are used to ingest data into the JupiterOne graph and the write scopes are used for enabling the ability to send notifications to channels in the configured Slack team.
chat:writeis required to post messages in channels & conversations that the@JupiterOnebot is a member of andchat:write.publicis required to post messages to channels that the@JupiterOnebot isn't a member of. Without one or both ofchat:writeandchat:write.publicscopes, users will not be able to configure JupiterOne alert rules with a Slack notification.
Once the integration instance settings have been defined, press Save. This will initiate an OAuth flow with Slack. Press Begin Authorization to initiate the process. During the flow, you will be need to specify the Slack workspace for which you wish to use the JupiterOne integration. Allow access to the workspace to conclude the OAuth flow and finalize the integration.
JupiterOne Alert Rule Slack Notifications
JupiterOne can deliver Slack messages directly to any channel or specific users in a Slack Workspace once the JupiterOne Slack integration has been configured.
Be sure to specify the channel in the format #channel. You can have alerts sent
to private channels as well if you have invited the JupiterOne Slack app to the
private channel.
For more detailed instructions on how to configure JupiterOne Alert Rules, please see the JupiterOne Alert Rule configuration documentation. Additionally, see the JupiterOne Alert Rule Schema documentation for technical details on alert rule/action properties.
Next steps
Now that your integration instance has been configured, it will begin running on the polling interval you provided, populating data within JupiterOne. Continue on to our Instance management guide to learn more about working with and editing integration instances.
Data Model
Entities
The following entities are created:
| Resources | Entity _type | Entity _class |
|---|---|---|
| Channel | slack_channel | Channel |
| Team | slack_team | Account |
| User | slack_user | User |
Relationships
The following relationships are created:
Source Entity _type | Relationship _class | Target Entity _type |
|---|---|---|
slack_channel | HAS | slack_user |
slack_team | HAS | slack_user |