Slack Notifications

To send an alert notification via Slack, you must first set up the Slack notification channel and have a Slack account configured at Slack.com.

Configuration

To launch the process from the Sysdig UI:

  1. Complete steps 1-3 in Set Up Notification Channels and select Slack.

    You will be prompted to log in to your Slack account.

  2. Select a Slack channel from the drop-down list to be used for notifications and click Allow.

  3. Enter the Slack channel configuration options:

    • Channel Name: Add a meaningful name, such as “Sysdig Notifications”.

    • Enabled: Toggle notifications on and off.

    • Notify when Resolved: Toggle to send a notification when the alert condition is no longer triggered.

    • Notify when Acknowledged: Toggle to send a notification when the alert is manually acknowledged by a user.

    • Test notification: Toggle to send a test notification when saving changes.

    • Shared With: Choose whether to share this channel with All Teams or a specific team.

  4. If you are using Monitor, see Customize Notifications for further configuration options. If you are using Secure, see Choose Notification Format.

  5. Click Save.

You can now configure an Alert to use Slack notifications.

For on-prem installations, use the Webhook method to configure a Slack notification channel by specifying the webhook URL and a unique name for the Slack channel.

Customize Notifications (Monitor)

If you are using Sysdig Monitor, you can customize the sections used when Sysdig sends alert notifications to Slack. This lets you fine-tune the contents and length of Slack notifications according to your preferences.

Toggle sections on or off to alter the length of messages. The preview on the right will respond to your changes.

Choose Notification Format (Secure)

If you are using Sysdig Secure, you can customize the sections used when Sysdig sends event notifications related to Secure Policy Events. Choose between:

  • Shortened View: (Default) Includes a summary of the event, giving the rule, policy name, and contextual information about where the event took place. When available, a Runbook link and Action taken are displayed.
  • Detailed View: Includes full event details, including policy, rule, actions, runbook link, and other contextual details.

Test a Slack Channel

To test a Slack channel:

  1. Navigate to Notification Channels.

  2. Find the Slack channel in the list. Make use of the search bar if you have a large number of channels.

  3. Click on the three dots for your channel. A menu will open.

  4. Select Test Channel.