When an end user violates a policy in GitHub, a notification is generated based on the notification settings configured by you in the policy configurations.

This document explains where you can find notifications on policy violations and what actions can be taken.

Nightfall Violations Page

To view the Nightfall violations page:

1. Navigate to the Violations page in Nightfall.

2. Apply filters to view only Slack violations.

3. (Optional) Modify the days filter to view historical violations. You can view violations up to past 180 days.

4. You can also use the search bar to search Slack violations. The difference between search bar and filters is that search bar searches for all the Slack violations. You need not apply time filter after applying the search bar filter.

5. (Optional) Hover over a violation to view the severity of the violation. You can also check how likely is it that the detected violation is an actual violation (Likely, Very Likely).

6. Click the ellipsis menu in the right corner to view the list of actions that you can take to initiate on the violation.

7. Click on any violation to view the exact data that caused the violation (highlighted in red).

Email Notification

• When a data leak occurs, Slack sends an Email to end users, if they have configured Email as a Notification method in their Slack account.

• Additionally, if you have configured Email Notification in Admin Alerting, Nightfall admins receive the Email notification.

• If you have configured Email Notification in the Automation section of End user notification settings, end users receive an email from Nightfall. This Email allows end users to take actions from within the Email.

The Email received from by Nightfall Admins and end-users (if configured), looks as follows.

Viewing Notifications in Slack

If you have configured Slack as a Notification in the Automation section of End User Notification, end users can view the violation notification from within Slack.