Slack integration
Slack is an instant messaging platform especially appreciated by the software developer community. With Pandora FMS you will be able to get alert messages by simply adding a channel and an application to the account previously created in Slack. Then you must configure credentials with commands and actions in Pandora FMS.
- Slack configuration: application creation
- Slack configuration: permissions and credentials
- Pandora FMS configuration: creation of an alert command
- Pandora FMS configuration: creating an alert action
Slack configuration: application creation
In the Pandora FMS libraries you can find the Slack connector CLI with complete and detailed information about the integration with this instant messaging platform. You should start by accessing the page dedicated to the Slack API, identify yourself and use the "Create a custom app" option. Assign a name and select a workspace for the application and click on "Create app".
Now you must go to the configuration of the newly created application and activate and add Incoming Webhooks.
Define the channel through which the application messages will be sent.
Select the desired channel and click Allow. The next step is the application permission settings in Slack.
Slack configuration: permissions and credentials
In the Basic Information option you will be able to access the application credentials (App Credentials), which you should never share, in any case. In the same way, access to OAuth & Permissions to copy the authorization token that you will place in Pandora FMS.
There are many other settings, such as defining a limited set of IP addresses that can make use of the API, and so on.
Go to the conversation panel in Slack, leaving the API settings section behind. Add or select a channel through which the application will send messages, click More and then Add apps. Select and add to the channel the application (in this example the channel is called # pfms). Observe the following triptych:
With all this configuration and information, the only thing left to do is to configure Pandora FMS to send messages through Slack.
Pandora FMS configuration: creation of an alert command
First you must install the Slack connector CLI, which you can download from the Pandora FMS library. You must have the following utilities installed in the Pandora FMS server: python3 and python3-pip. With this last command you should install the Slack connector CLI requirements for Pandora FMS:
pip3 install -r requirements.txtIt is recommended to send a test message from the same command line. Be familiar with the mandatory parameters: the copied token, the channel name and the data to send.
-t TOKEN -c CHANNEL -d DATA.
For example:
python3 pandora-slack-cli.py.py -t <webhook-url> -c <channel id/name> -d "Data=5, Agent=Test, Module=Ping"Due to the flexibility of Pandora FMS, there are also additional parameters that allow, for example, the sending of graphs through the Pandora FMS external API.
Take the time to learn these requirements. To create an alert command go to the Pandora FMS Web Console and click on Alerts -> Commands -> Create.
Configure each of the eight fields required by the command; in the test-exec file that accompanies the Slack connector CLI you can obtain each of them. Pay attention to field number two, which must contain, in a hidden way, the token of the application created in Slack. Add the group that will be able to access the sending of alerts.
Click on the Create button to save the alert command.
Pandora FMS configuration: creating an alert action
The alert actions allow you to define how to launch the command. Go to the menu Alerts -> Actions -> Create.
Select in Command the alert command created on the previous page, the fields will be filled in automatically. However, you can always customize the icons or messages for the Triggering and Recovery events, for example.
To save click on Create. To apply this action to either a Module or Policy, set up an alert template for this purpose.