- 09 Dec 2024
- 2 Minutes to read
- Print
- DarkLight
- PDF
Slack - Send Direct Message to a User
- Updated on 09 Dec 2024
- 2 Minutes to read
- Print
- DarkLight
- PDF
Slack - Send Direct Message to a User sends a direct message to:
- Assets returned by the selected query or assets selected on the relevant asset page.
- Not all asset categories are supported for all Enforcement Actions.
- See Actions supported for Activity Logs, Adapters Fetch History, and Asset Investigation modules.
- See Actions supported for Vulnerabilities.
- See Actions supported for Software.
Required Fields
These fields must be configured to run the Enforcement Set.
- Action name - The name of this Enforcement Action. The system sets a default name. You can change the name.
- Configure Dynamic Values - Toggle on to enter a Dynamic Value statement. See Creating Enforcement Action Dynamic Value Statements to learn more about Dynamic Value statement syntax.
Use adapter connection - Select this option to use credentials from the adapter connection. By default, the first connection is selected.
- When you select this option, the Select Adapter Connection drop-down becomes available. Select the adapter connection to use for this Enforcement Action.
Note:To use this option, you must successfully configure a Slack adapter connection. Each asset is run using the connection that fetched the asset.
Custom Message - The text of the message that is sent to the asset.
Compute Node - The Axonius node to use when connecting to the specified host. For more details, see Connecting Additional Axonius Nodes.
- Gateway Name - Select the Gateway through which to connect to perform the action.
Additional Fields
- User ID (optional) - Enter the name of the users or channel you want to send the message to and select the name from the drop-down.
Connection and Credentials
When Use stored credentials from the adapter is toggled off, some of the connection fields below are required to create the connection, while other fields are optional.
- Host Name or IP Address - The hostname or IP address of the Slack server.
- Authentication Token - An Authentication Token associated with a user account that has the Required Permissions to perform this action.
- Account Sub Domain - The Slack account's sub domain (<sub_domain>.slack.com).
- Username and Password - The credentials for a user account that has the Required Permissions to perform this action.
- MFA Secret - If you access Slack through an SSO solution that requires multi-factor authentication, you will need to generate a secret key in that solution and paste it here. See instructions for performing this action in Okta, Google, or Microsoft.
- Enterprise Grid Organization - Select this option if you are using the Slack Enterprise Grid Organization solution.
- Verify SSL (optional) - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.
- HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.
API
Axonius uses the Slack Post Message API
Permissions
The following permissions are required:
- Bot tokens: chat:write
- User tokens: chat:write, chat: write:user, chat:write:bot
For more details about other Enforcement Actions available, see Action Library.