Nightfall automatically create a Slack channel to send alerts.
To configure Slack alerts to be received in a Slack channel,
For Slack DLP,
Add Nightfall app to the Slack alert channel.
Go to channel settings > Integrations.
Invite Nightfall application.
Go to Settings in the Nightfall console. These settings are available for both Slack Pro and Slack enterprise users.
For non-Slack DLP apps,
Add Nightfall Alerts app to the Slack alert channel.
Go to channel settings > Integrations.
Invite Nightfall Application.
Go to Settings in the Nightfall console. These settings are available for both Slack Pro and Slack enterprise users.
Alert messages for policy violations are sent to #nightfall-alerts-slack channel, which is automatically created by Nightfall.
For quarantined messages, alerts are sent to the #nightfall-quarantine-slack channel for all quarantined message alerts. The content of the quarantined messages is sent to the #nightfall-content-slack channel.
A Slack alert provides detailed information about a violation as shown in the table below:
Finding
Where
Channel Name
Name of Slack channel
Channel Type
Public, Private, Direct Message
When
Timestamp
Detection Rules
Detection rules violated by the message
Policies Violated
Nightfall Policies violated by the message
Who
Name of the user who violated the policy
Link to violations dashboard
Link to the violation in the console
Finding Snippets
Original message that violated the policy in redacted format.
Remediation actions
Links to supported remediation actions like notify user, delete, quarantine, redact and acknowledge.