Slack configuration

Edit online

Slack is an instant messaging platform designed by Slack Technologies. The Slack integration is used to send outgoing messages in Guardium® Data Security Center to a specified Slack channel. After setting up Slack integration, you can use the integration for notifications and policy alerts (for example, when scheduling jobs, you can choose Send message through Slack as the recipient).

Before you begin

Data Compliance DDR This content is available through the IBM® Guardium Data Compliance and Guardium Data Detection and Response modules

To use this integration, you need to create a Slack app. When you create the integration, you will need to use the app's incoming WebHook or its bot user token. You can obtain these values as follows:

  • If you will use Webhook, open your app in https://api.slack.com/apps and then select Features > Incoming Webhooks and ensure that incoming Webhooks are activated and that you workspace has a Webhook URL. You will copy this URL and, when creating your integration in Guardium Data Security Center, you will paste it in the Webhook URL field.
  • If you will use a bot token, open your app in https://api.slack.com/apps:
    • Select Features > OAuth & Permissions. Under OAuth Tokens for Your Workspace, you will copy the Bot User OAuth Token and then, when creating your integration in Guardium Data Security Center, you will paste it in the Bot token field.
      Note: While in the OAuth & Permissions page, you can scroll to the Scopes section. In this section, confirm that the Bot Token Scopes include chat:write (this scope provides the ability to send messages to channels and it is necessary for integrating with Guardium Data Security Center).
    • Select Basic Information > App-Level Tokens. Then select your token in the Token Name list. After opening the token, copy its Token value. This value will be pasted in the Guardium Data Security Center App-level token field.
    • When you use a bot token, you specify the Slack Channel that the Guardium Data Security Center integration will post to. This channel must include your Slack app. In the channel, type /invite. Then select Add apps to this channel and add your app to the channel.

To see the various settings, open the main menu. Open this menu by clicking the main menu icon (main menu). After opening the menu, select Configurations > Integrations.

Procedure

  1. Choose the Slack card.
  2. After reading the About information, click Next.
  3. Enter a unique name for the integration in the Name field.
  4. Select one of the available Credential type options:
  5. Public SSL certificate: Enter the server certificate details (to learn how to obtain an SSL certificate, see Obtaining an SSL certificate).
  6. After completing the configuration settings, click Test connection to ensure that the Guardium Data Security Center can connect to your app.
  7. After testing the connection, click Finish to create the integration.
  8. When the new Slack integration opens, you will see templates that have been generated by Guardium Data Security Center. There are templates for a variety of notification types (for example, policy alert notifications and risk notifications). The templates map Guardium Data Security Centerdetermine how your Slack notifications will be displayed - and they include other modifiable fields.
    1. To enable or disable any of the notification templates, click the slider next to the template.
    2. If a template is enabled, you can modify it by clicking Edit next to the template.
    3. To create a template for the notification from scratch, click Create a template.

Results

After you create the integration, it is automatically enabled. You can disable or delete the integration by selecting its menu in the Connected integrations section of the Integrations page. You can also open the integration and click its top right hand slider to enable or disable it.

When you open the integration, you can edit it - however, you will need to re-enter any encrypted data, such as tokens and certificates (encrypted values are not preserved during the edit action).