How To: Send Forum Sentry Alert Messages to Slack and Other Communication Platforms

 

Introduction

Forum Sentry can be set up to send alert messages in a variety of ways, including traditional means such as email and SNMP.  Where a collaboration hub such as Slack is already in use for communication, Forum Sentry can be configured to format and send alerts to it.  This tutorial focuses on Slack.

 

Slack Configuration

Slack is a collaboration hub for team communication.  More information can be found at Slack.  Here we are interested in sending alert messages from Forum Sentry to a Slack Incoming Webhook.

 

For detailed instructions on setting up an Incoming Webhook, see Incoming Webhooks for Slack.  The main steps involved are:

  1. Create a Slack app (if you don't already have one).
  2. Enable Incoming Webhooks from the settings page.
  3. After the settings page refreshes, click Add New Webhook to Workspace.
  4. Pick a channel that the app will post to, then click Authorize.
  5. Use your Incoming Webhook URL to post a message to Slack. 

Once you have the Incoming Webhook URL, move on to the Forum Sentry setup.

 

Forum Sentry Configuration

As stated above, Forum Sentry can be configured to send alert messages, such as certificate expiration and IDP alert messages.  The steps are listed below.

 

  1. Content Policy

Attached are the v8.9 and v8.11 Forum Sentry FSGs of a sample XML policy (the import password is "password").

The XML policy is set up so that the listener is an SMTP listener policy and the remote is an HTTPS policy pointing to the Incoming Webhook address.

 

As can be seen in the image, the listener is a simple SMTP policy on the loopback address on port 25.  It does not have to be port 25, but the port must match the SMTP server configured on the System page.

The remote policy is an HTTPS policy pointing to the hooks.slack.com server.

The Remote path is the particular path that leads to your specific Incoming Webhook.

 

  2. Task List

Slack Incoming Webhooks require a specifically formatted message payload, sent with the HTTP POST method.  An example is:

payload={"text": "The message goes here"}

The Task List needed to handle transforming the Alert Message and creating the Slack payload is shown next:
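The transformation itself, as an added Python illustration (not Forum Sentry's task list or code): it takes an alert e-mail as the SMTP listener would receive it and builds the form-encoded `payload=` body for the webhook POST. The sample e-mail, the function names and the `MAX_TEXT` limit are assumptions made for this example.

```python
import json
from email import message_from_string
from email.policy import default
from urllib.parse import urlencode

# Constructed sample alert e-mail (not real Forum Sentry output).
SAMPLE_ALERT = (
    "From: sentry@example.invalid\r\n"
    "To: alerts@example.invalid\r\n"
    "Subject: Certificate expiration warning\r\n"
    "Content-Type: text/plain; charset=utf-8\r\n"
    "\r\n"
    'Key pair "web-tls" <CN=app.example.invalid> expires in 14 days & needs renewal.\r\n'
)

MAX_TEXT = 3000  # assumed limit for this example, so one oversized alert cannot flood the channel


def slack_escape(text):
    # Slack treats &, < and > as control characters in message text.
    # Escaping them keeps alert content from turning into links or mentions.
    return text.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;")


def alert_to_slack_body(raw_email):
    """Return the form-encoded POST body for a Slack Incoming Webhook."""
    msg = message_from_string(raw_email, policy=default)
    subject = (msg["Subject"] or "Forum Sentry alert").strip()
    part = msg.get_body(preferencelist=("plain",))
    body = part.get_content().strip() if part else ""
    # Truncate before escaping so an entity is never cut in half.
    text = slack_escape(f"{subject}\n{body}"[:MAX_TEXT])
    # json.dumps escapes quotes, backslashes and newlines in the alert text,
    # so the alert cannot break out of the "text" field.
    payload = json.dumps({"text": text})
    # urlencode produces the payload={...} form shown above.
    return urlencode({"payload": payload})


if __name__ == "__main__":
    print(alert_to_slack_body(SAMPLE_ALERT))
```

The point to carry over into any task list is that the alert text is data: it is JSON-escaped and has Slack's control characters neutralised before it is placed in the payload.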

  3. Certificate Expiration Alerts

This alerting mechanism is configured on the Keys page under Settings:

  4. IDP Alerts

These alerts are enabled via an IDP Action.  In the IDP Action, add a local user that has an email address associated with it.  This address will be used to send alerts.  Note that because these emails are converted into HTTP messages, the email address is not really significant in this case.

  

  5. SMTP Server

This is added under the System page.  As can be seen in the image, it points to the listener policy set up as described above.

 

  6. Testing and Logs

The images below show a test where the alert message has been forwarded to the Slack Incoming Webhook.
