The Microsoft Teams integration works like other messaging integrations. InsightCloudSec can send notification messages to Microsoft Teams channels and is compatible with all InsightCloudSec resources.
Users can take advantage of the teams integration to send high priority security alerts to MS Teams Channels. For issues like the provisioning of noncompliant security group rules which leave SSH open to the world, the applicable team or person can receive a notice and respond.
For additional details on Integrations, including editing and deleting integrations, take a look at the Integrations Overview page. Also check out our documentation on Jinja2 for information about templating with Jinja2.
To complete the Microsoft Teams Integration, you will need to ensure you have the following:
- A functioning InsightCloudSec platform installation and Org Admin permissions
- Administrative access to the Microsoft Teams setup you want to use for integration
If you need help with this integration, contact us through the Customer Support Portal.
DivvyCloud vs. InsightCloudSec (Screen Captures)
Some images include DivvyCloud but the capability within InsightCloudSec is exactly the same.
1. Visit your MS Teams application and locate the channel you want to target for integration.
- Note: Channel integrations must be configured individually
2. Click on the ellipsis menu option to the right of the channel and select "Connectors".
3. Locate (using Search) and select the "Incoming Webhook" option. Provide a name (one you can easily remember) and click "Create".
- Note: The name you create here has no link to the name required in InsightCloudSec, but as a best practice, it's typically easier to just keep the same name.
4. After you click "Create", copy the URL generated at the bottom of the form.
Note: If you mistakenly close this form before copying the URL, you can obtain the webhook URL again from the channel details by clicking the ellipsis menu next to the Teams channel (as shown above) and looking under the "Configured" option.
1. Navigate to "Administration --> Integrations" page and select "Edit" on the Microsoft Teams card.
2. Enter a channel name (e.g., MS Integration) and paste the URL you obtained from MS Teams when you created the new webhook. Click "Save".
3. Success. You have configured the integration for Microsoft Teams. Now it's time to set up a Bot to send your notifications.
In addition to general MS Teams channel integration, you can also use an MS Teams webhook to subscribe to InsightCloudSec Health Notifications.
Health Notifications are typically generated based on issues related to the following: system clock drift, job scheduling (no harvest within 24 hours), invalid credentials, assume role failures, and invalid permissions.
- Navigate to "System Administration --> System" to review or enable this capability
- Review the specific details in the System Settings documentation.
To set up a Bot to use the Microsoft Teams integration, you will need to complete something similar to the steps outlined below.
- For detailed step-by-step instructions on using automation check out our documentation on Creating Bots
- You can also check out Working with Bots (Best Practices & Examples) if you want to review some examples.
1. From the main navigation panel, locate Automation and select "BotFactory"
2. Click Create Bot and complete your desired details for the "About Your Bot", "Resource Type & Groups", and "Filters" sections.
3. In the Actions section, click Add Action and locate the new "Send Microsoft Teams Message (Webhook)" action. (Search using "Teams" or "Webhook" for quickest results).
4. Complete the configuration for the action.
Note: You must use the same name you supplied when you created the integration in the InsightCloudSec portion of the setup; our example used "MS Integration" (this name does not have to match the name you supplied in Teams).
5. Select "Next" to define any Run Options and then select "Save" when your Bot is complete.
6. Confirm your Bot is operating as intended. If you run into issues we are here to help. Reach out to us through the Customer Support Portal.
After completing your Microsoft Teams integration, you may be interested in learning more about other Integrations we offer, including PagerDuty Integration, ServiceNow Integration, or Splunk Integration.
Updated 5 months ago