Docs » Send alert notifications to services using Splunk Observability Cloud » Send alert notifications to Slack using Splunk Observability Cloud

Send alert notifications to Slack using Splunk Observability Cloud 🔗

You can configure Splunk Observability Cloud to automatically send alert notifications to Slack when a detector alert condition is met and when the alert clears.

To send Splunk Observability Cloud alert notifications to Slack, complete the following configuration tasks:

Caution

If the user who creates the integration leaves your organization and their Slack account is deactivated, the Slack integration stops working.

Step 1: Create a Slack integration in Splunk Observability Cloud 🔗

You must be a Splunk Observability Cloud administrator, Slack administrator, and be authorized to add apps to Slack to complete this task.

This method of integrating with Slack replaces a prior design. Slack integrations created using the prior design display an option to upgrade in the Splunk Observability Cloud UI. While the prior design continues to work, upgrade your integrations to use the newer integration design. You must upgrade your integration if you want image previews to display when pasting a chart URL into Slack. To learn more, see Paste a chart URL into Slack.

To create a Slack integration in Splunk Observability Cloud:

  1. Log in to Splunk Observability Cloud.

  2. Open the Slack guided setup . Optionally, you can navigate to the guided setup on your own:

    1. In the left navigation menu, select Data Management.

    2. Go to the Available integrations tab, or select Add Integration in the Deployed integrations tab.

    3. In the integration filter menu, select All.

    4. In the Search field, search for Slack, and select it.

  3. Select New Integration to display the configuration options. If you get an error, you aren’t authorized to add apps to Slack and aren’t be able to create this integration. Contact your Slack administrator for help.

  4. Review the permissions required by Slack and select Authorize.

  5. By default, the name of the integration is Slack. Give your integration a unique and descriptive name. For information about the downstream use of this name, see About naming your integrations.

  6. Save.

Note

Splunk Observability Cloud uses the following Slack APIs: oauth.access, conversations.list, chat.postMessage, and chat.unfurl.

Step 2: Add a Slack integration as a detector alert recipient in Splunk Observability Cloud 🔗

To add a Slack integration as a detector alert recipient in Splunk Observability Cloud:

  1. Create or edit a detector that you want to configure to send alert notifications using your Slack integration.

    For more information about working with detectors, see Create detectors to trigger alerts and Subscribe to alerts using the Detector menu.

  2. In the Alert recipients step, select Add Recipient.

  3. Select Slack and then select the name of the Slack integration you want to use to send alert notifications. This is the integration name you created in Step 1: Create a Slack integration in Splunk Observability Cloud.

    • For public Slack channels, enter the name of the channel you want to send the notifications to.

    • For private Slack channels, you must invite the SignalFx app to your channel:

      1. In Slack, navigate to the private channel you want to send notifications to.

      2. In the message field, enter the /invite @SignalFx, <YOUR_ORG_REALM> command. For example, /invite @SignalFx, US1.

        Note

        For US0 realm, the invitation command is /invite @SignalFx.

      3. In the detector subscription configuration, enter the private channel name. Splunk Observability Cloud can’t find and autocomplete private Slack channels, but you can still send notifications to them.

  4. Activate and save the detector.

Splunk Observability Cloud sends an alert notification to the Slack channel when an alert is triggered by the detector and when the alert clears.

This page was last updated on Oct 04, 2024.