Slack Alerts
Nightfall automatically create a Slack channel to send alerts.
To configure Slack alerts to be received in a Slack channel,
For Slack DLP,
Add Nightfall app to the Slack alert channel.
Go to channel settings > Integrations.
Invite Nightfall application.
Go to Settings in the Nightfall console. These settings are available for both Slack Pro and Slack enterprise users.
For non-Slack DLP apps,
Add Nightfall Alerts app to the Slack alert channel.
Go to channel settings > Integrations.
Invite Nightfall Application.
Go to Settings in the Nightfall console. These settings are available for both Slack Pro and Slack enterprise users.
Alert messages for policy violations are sent to #nightfall-alerts-slack channel, which is automatically created by Nightfall.
For quarantined messages, alerts are sent to the #nightfall-quarantine-slack channel for all quarantined message alerts. The content of the quarantined messages is sent to the #nightfall-content-slack channel.
Information in Slack Alerts
A Slack alert provides detailed information about a violation as shown in the table below:
Metadata | Information | |
---|---|---|
Finding | Where | |
Channel Name | Name of Slack channel | |
Channel Type | Public, Private, Direct Message | |
When | Timestamp | |
Detection Rules | Detection rules violated by the message | |
Policies Violated | Nightfall Policies violated by the message | |
Who | Name of the user who violated the policy | |
Link to violations dashboard | Link to the violation in the console | |
Finding Snippets | Original message that violated the policy in redacted format. | |
Remediation actions | Links to supported remediation actions like notify user, delete, quarantine, redact and acknowledge. |
Last updated