Articles in this section

See more

Adding Slack Enterprise Grid Cloud Connector to SkyFormation platform

Avatar
Nadav Lavy (Greenberg)
  • Updated
Follow

If you're having trouble at any stage please contact us at support@skyformation.com

Preface

The goal of this guide is to add a new SkyFormation for Slack Enterprise Grid cloud connector to your SkyFormation Platform.

Prerequisites

1. Have the following Slack information at hand

To add the Slack Enterprise Grid connector to your SkyFormation app, you will need to have the following Slack Enterprise Grid information at hand eventually:

  • client id
  • client secret

    Below are the steps needed to get these.

2. Create a Slack app for integration

  • Login to your Slack Enterprise Grid

  • Go to: https://api.slack.com/apps 

  • Press the Create New App button
  • In the below form fill in the needed information

App name - Give the application a friendly name (e.g. skyformationSlackApp)

Development Slack Workspace - Choose a Workspace that the App belong to (any)

  • Press Create App

  3. Configured the OAuth settings for the created App

  • Navigate in the lefthand tab to the OAuth & Permissions page

  • Insert the Redirect URL

  - Press the Add New Redirect URL button


       

- Insert the following URL
  https://auth.skyformation.net/v1/oauth 

        - Press Add button

        - Press the Save URLs button

  • Set the needed OAuth scopes

    - Scroll down in the page to the Scopes section

        - In the Select Permission Scopes drop down choose the following scopes

          (Required) auditlogs:read - Needed to interact with the Audit Log API
          (Optional) admin - Needed to get users/groups information

       - Press the Save Changes button

Note: This connector syncs groups and users for enrichment of events. In order to do that the "admin" permission needs to be added. You may not want to add the 'admin' permission for this service because of security reasons, so you may want to disable this configuration. You can find instructions for that here: https://support.skyformation.com/hc/en-us/articles/360014958060-How-to-Disable-Sync-of-Users-and-Groups-in-the-SkyFormation-Application.

  4. Configure the application distribution 

  • Navigate in the lefthand tab back to the Basic Information page



  • Press the Manage distribution link



  • Press the Distribute App button

  • Scroll down to the Share Your Web Other Workspaces section

  • Press the Remove Hard Coded Information link

  • Check the "I've reviewed and removed any hard-coded information" check box



  • Press the Activate Public Distribution button

  5. Collect the application secret id and secret keys needed

  • Navigate in the lefthand tab back to the Basic Information page

  • Scroll down to the App Credentials section


  • Copy the Client ID and Client Secret values

 

Steps

1. Logon to your SkyFormation Platform:

2. Navigate via left navigation panel to "Settings" section

3. Navigate via New Settings left navigation panel to "Accounts" section

4. Click the "Add Account" bottom

5. At the "SELECT SERVICE TO ADD" choose "Slack". You will see the following screen:

6. Fill in the following information:

    - Account Name
        Give the Slack account a meaningful name for you. 
        This will become your cloud app connector name displayed in the application and the 
        events sent to external systems as SIEM/Log management. This is a mandatory field.

      e.g. "Corporate Slack for collaboration"     

    - Description
      Add a text that describes the Slack service account for you.

      This is an optional field.

   - Client_id
      The account client_id from the prerequisite section

   - Client_secret
      The account secret obtained in the prerequisite section

   - External Authentication (interactive process done by Slack admin)
     

     Your Slack admin will now need to perform an interactive process of granting the SkyFormation
     Slack connector the needed authorization to interact with the Slack API.

  • Press the OPEN EXTERNAL OAUTH WINDOW button
  • When asked to approve the needed permissions in the pop up approve

     At this point you can click on "TEST CONNECTION" to make sure the connection is setup
     successfully, or just click on "DONE".

7. Start the Slack Enterprise Grid connector

    At the SkyFormation Accounts settings page allocate the connector just added
    and press its START button.

    Make sure it is correctly running with "OK" status stay stable after 2-5 minutes

 

DONE!

Related articles

Comments

0 comments

Please sign in to leave a comment.