Skip to main content

Send notifications to Slack

You can configure Moogsoft Cloud to send alert or incident notifications to Slack using the Slack API.

The overview of the procedure for this integration is as follows:

Before you begin

Before you set up your Slack outbound integration:

  • Make sure you are signed in with your Slack account on api.slack.com/apps.

  • Make sure you are signed into your workplace in Slack.

Set up a Slack notification channel

  1. Go to api.slack.com/apps.

  2. Click Create New App > From scratch.

  3. Provide a name for the app and select a workspace. Then click Create App.

  4. Enable incoming webhooks:

    1. Navigate to Features > Incoming Webhooks.

    2. Click the slider to enable the feature.

  5. Configure OAuth and permissions:

    1. Navigate to Features > OAuth & Permissions.

    2. Under Scopes > Bot Token Scopes, add a new OAuth Scope named chat:write. This will enable the bot to write messages to the Slack channel.

    3. Under OAuth Tokens for Your Workplace, click Request to Install.

    4. Fill out a request message and submit the request.

  6. Once your administrators approve the installation request, open Slack.

  7. Within Slack, create a new channel.

  8. Navigate back to api.slack.com/apps.

  9. Navigate to Features > OAuth & Permissions > OAuth Tokens for Your Workplace and click Install to Workplace. A page will appear requesting permission to access your workplace.

  10. Select the new Slack channel you created and click Allow.

  11. Open Slack. Within Slack, right click your new channel and select View channel details from the dropdown menu.

  12. Navigate to Integrations > Apps and click Add an App.

  13. Type the name of the app into the search bar and add it to the channel.

Configure the CREATE webhook in Moogsoft Cloud

Once you have finished configuring the notification channel in Slack, you must create new outbound incident webhooks in Moogsoft Cloud in order to send data to Slack. This section explains how to set up the Slack CREATE webhook, which creates new incidents in Slack when incidents are processed in Moogsoft Cloud.

To configure the CREATE webhook:

  1. Log into Moogsoft Cloud and navigate to Integrations > Outbound Integrations > Incident Webhook.

  2. Click Add an Incident Webhook and enter "Slack CREATE" as the name of the webhook. Optionally, provide a description.

  3. Complete each section of the webhook according to the following:

    1. Skip the Triggers section.

    2. Configure the Endpoint:

      1. Set the request method as POST.

      2. Copy and paste the following URL:

        https://slack.com/api/chat.postMessage

      3. Under Authorization, select "Bearer Token" from the dropdown menu.

      4. Click Add New Credentials and provide a name.

      5. Go to api.slack.com/apps and open the page for the app you created earlier for this integration.

      6. Navigate to Features > OAuth & Permissions.

      7. Under OAuth Tokens for Your Workspace, copy the Bot User OAuth Token.

      8. Go back to Moogsoft Cloud and paste the token you just copied into the Token field.

      9. Click Save.

    3. Specify the Payload Body:

      1. Open Slack. Within Slack, right click your notification channel and select View channel details from the dropdown menu.

      2. Scroll down to the bottom of the pop-up window and copy the Channel ID. Save it somewhere for later use.

      3. Go back to Moogsoft Cloud.

      4. Paste the following JSON into the Key/Value Editor box. Make sure to replace <your-channel-ID> with your Slack Channel ID:

        {
    "channel": "<your-channel-ID>",
    "text": "ISSUE: $id || SEVERITY: $severity || TOTAL ALERTS: $total_alerts || DESCRIPTION $description || INCIDENT URL: $incident_url || CREATED AT: $created_at"
}

      5. Under Manage JSON variable type declarations, click Add Type Declaration.

      6. Click Variable and select $created_at from the dropdown menu.

      7. Click Type and select Date and Time - Human-Readable Format (ISO 8601). This will make sure that the creation time is printed in human-readable format, instead of the default epoch format.

  4. Save the webhook.

Configure the UPDATE webhook in Moogsoft Cloud

Next, create the Slack UPDATE webhook, which sends update notifications to Slack when Moogsoft Cloud incidents are changed.

To configure the UPDATE webhook:

  1. Navigate to Integrations > Outbound Integrations > Incident Webhook.

  2. At the far right side of the "Slack CREATE" webhook you just configured, click on the copy icon:

    SlackIntegrationCopyWebhook.png

  3. Enter "Slack UPDATE" for the name of the duplicate webhook and click Duplicate.

  4. Click on the "Slack UPDATE" webhook to open it.

  5. Click Edit.

  6. Under the Triggers section, select the conditions that you would like to trigger the webhook.

    Leave the rest of the webhook unchanged.

  7. Save the webhook.

Configure the CREATE workflow in Moogsoft Cloud

Configure an incident workflow called Slack CREATE Workflow, which triggers the "Slack CREATE" webhook when an incident is created in Moogsoft Cloud.

To configure the CREATE workflow:

  1. Log into Moogsoft Cloud and navigate to Correlate & Automate > Workflow Engine > Incident Workflows.

  2. Click Add Workflow and enter "Slack CREATE Workflow" as the name of the workflow. Optionally, provide a description.

  3. For the Trigger, select Create only.

    If desired, add a filter condition on the incidents that you wish to forward to Slack.

  4. Click Add Action, select the Send to Endpoint action and then click Add Selected Action.

  5. Select the new Send to Endpoint action complete each section according to the following:

    1. Webhook: Select the "Slack CREATE" outbound incident webhook that you created earlier.

    2. External Link: Skip this section.

    3. Integration Name: Enter the following (without quotes): "Slack Integration"

      Skip all remaining sections.

  6. Save and Enable the workflow.

Configure the UPDATE webhook in Moogsoft Cloud

Finally, configure another incident workflow called Slack UPDATE Workflow, which triggers the "Slack UPDATE" webhook to send data when an incident is updated in Moogsoft Cloud.

To configure the UPDATE workflow:

  1. Navigate to Correlate & Automate > Workflow Engine > Incident Workflows.

  2. Click Add Workflow and enter "Slack UPDATE Workflow" as the name of the workflow. Optionally, provide a description.

  3. For the Trigger, select Update only.

  4. Click Add Action, select the Send to Endpoint action and then click Add Selected Action.

  5. Select the new Send to Endpoint action and complete each section as follows:

    1. Webhook: Select the "Slack UPDATE" outbound incident webhook that you created earlier.

    2. External Link: Skip this section.

    3. Integration Name: Enter the following: "Slack Integration"

      Skip all remaining sections.

  6. Save and Enable the workflow.

Test the integration

  1. Navigate to Integrations > Ingestion Services > Events API.

  2. Click the arrow button below the sample event to send an event to Moogsoft Cloud.

  3. Verify that an incident has been created in Moogsoft Cloud.

  4. Within Slack, verify that an incident notification has arrived. You should also see the test notification(s) you sent earlier.

  5. If you have enabled updates and included Status changed as a trigger, close the incident in Moogsoft Cloud and verify in Slack that an update notification has arrived.

In this section: