Slack Integration

Instructions for Integration Between Slack & InsightCloudSec

The InsightCloudSec integration with Slack provides the ability to send notification messages to Slack channels and is compatible with all InsightCloudSec Resources.

An example of using this integration would be to generate and send high priority security alerts through Slack to a certain channel or channels when noncompliant security group rules are provisioned, such as SSH open to the world.


Before getting started you will need to have the following:

  • A functioning InsightCloudSec platform installation with an admin role
  • The appropriate permissions/access/approval to configure a Slack App/Webhook.

For general information about Integrations (editing and deleting), refer to the Integrations Overview page.

If you need help with this integration, contact us through the Customer Support Portal.

Configuring Your Slack Integration

Configuration in Slack

The following instructions are for the steps required to create an Incoming Webhook for integration into your InsightCloudSec platform. If you have not created a new App, refer to the Slack instructions on how to do so here.

After you have created a Slack "App" you can enable the Webhooks capability as follows

1. From your Slack application make sure you are logged in to your Workspace. Navigate to and click on the "Your Apps" button on the top right.

  • Note: if you have not created an App you can do so from this page using the "Create New App" button.
Accessing Your Slack AppsAccessing Your Slack Apps

Accessing Your Slack Apps

2. Click on the name of the App you created to open the configuration options and locate the "Incoming Webhooks" option on the left under "Features".

Activating WebhooksActivating Webhooks

Activating Webhooks

3. Toggle the option to "Active Incoming Webhooks" to activate the "Webhook URL for Your Workspace" feature.

4. Click on the "Add New Webhook to Workspace" button and select the target channel from your workspace in which you want to generate a new webhook, click "Allow".

5. Copy the newly created webhook URL from Slack and save this information somewhere safe to supply to InsightCloudSec to complete your integration.

Copy the Webhook URL from SlackCopy the Webhook URL from Slack

Copy the Webhook URL from Slack

Configuration in InsightCloudSec

1. Open InsightCloudSec and navigate to "Administration --> Integrations".

2. Locate the Slack card on the Integrations page and click "Edit".

3. Provide a name and paste the "WebHook URL" you created in Slack.

  • If desired click the "plus" to add a line for any additional WebHooks, and complete with the name/URL.

4. Select "Save" to complete the integration.

Adding the Slack WebHook Into DivvyCloud from Integrations PageAdding the Slack WebHook Into DivvyCloud from Integrations Page

Adding the Slack WebHook Into DivvyCloud from Integrations Page

Using Slack WebHooks for System Health Notifications

In addition to adding a Slack WebHook through the InsightCloudSec Integrations page, users can also include a Slack Integration/WebHook in InsightCloudSec's System Settings. This capability enables Slack notifications for System Health. Users can select a cadence for the notifications and, as with the general WebHook integration/configuration, can specify a Slack channel.

To add this WebHook, from InsightCloudSec navigate to "Administration --> System Administration" on the "Systems" tab.

System Administration - System SettingsSystem Administration - System Settings

System Administration - System Settings

Scroll to the "Health Notifications" content section (lower left) at the bottom of the page.

You can add your Slack WebHook here and your selected channel will receive notifications based on the cadence you select (Daily or Hourly).

Slack WebHook for Health NotificationsSlack WebHook for Health Notifications

Slack WebHook for Health Notifications

Configuring the "Send Slack Message" Bot Action

The following are the steps required to configure a Bot to verify the configuration of your Slack Integration. Refer to the following steps.

1. Go to the BotFactory page and click "Create Bot"

2. Complete the Resource Type & Groups and Query Filters sections.

3. In the Actions section, click "Add Action" and find the "Send Slack Message" action.

Configuring the Send Slack BotConfiguring the Send Slack Bot

Configuring the Send Slack Bot

4. Type in the name of the channel where you want to post the Slack message.

5. Type in the name that will be displayed when the message gets posted in Slack, e.g., "InsightCloudSec".

6. Type in a value if you want to dynamically assign the recipient via one or more Tags.

7. Type in a value if you want to dynamically assign the recipient via one or more Badges.

Configuring the Bot ActionConfiguring the Bot Action

Configuring the Bot Action

8. Add content to the message that will be posted to Slack. You can include actionable information with Jinja2 formatting.

For example:

A resource of type ```{{resource.get_resource_type()}}``` was discovered at
```{{resource.common.creation_timestamp}}``` without the required *owner*
or *contact-email* tags. The resource name is ```{{resource.get_resource_name()}}```.
It lives in account ```{{resource.get_organization_service_name()}}```.

Did this page help you?