How does this integration work?

Ontic can be configured to push notifications to a Slack channel to alert users of any signal that can be received within Ontic.

 

This is an effective way to alert team members of a potential risk or insight in a timely manner, regardless of whether the recipients are users within Ontic. Because Slack notifications from Ontic are configured within Rules, you have total flexibility in how your organization can customize and leverage this feature. 

Advantages include:

  • Relevant, real-time flow of information - individuals or teams can receive automated alerts in Slack, based on configured rules, around changes related to a person of interest or relevant intelligence signals.
  • Expanded visibility - non-Ontic users can have awareness of pertinent signals and information with automated Slack alerts.

 

Note: You’ll need to have the necessary permissions in Ontic to complete this integration. See the section below ‘Roles & Permissions’ for more details. You may also reach out to your client success manager for guidance before completing these steps.

 

How to configure the integration:

  1. Go to: Administration → App Directory → Slack → Manage Integrations

  2. Select ‘Add New Workspace’

  3. Select ‘Allow’.

    1. You will be prompted with a pop-up for a permission request from Slack.

 

Once the Slack Workspace is integrated, select the Channels you want to add:

 

  1. Select ‘Add New Channel’. Once again, authorize by selecting ‘Allow’.

  2. Select the Slack Channels that you would like to integrate. You can also use the Search function to locate them quickly.

  3. Once you’ve selected the channels, click out of the drop-down menu and select ‘Add Channels.’

  4. The App Directory/Slack page should now display the Channels and Workspaces you have successfully integrated.

 

 

 

Configure Rules to push notifications to a Slack channel:

 

  1. Go to Administration → Rules and select ‘Create Rule’.

  2. Set the conditions on the Rule. The WHEN statement indicates which signal or event will trigger a notification to the Slack channel.

    1. For example, if you want to alert your Security team’s Slack channel every time a new entity is logged within the platform, select ‘Entity Created’.

  3. Build an IF statement if you would like to further restrict the alert to a smaller subset of criteria. For example, you can select a certain dashboard, or ‘All Entities.’

    1. You can build out additional conditions to further restrict the events that would trigger the alert. Consult the instructions on Rule creation for further details.

  4. IMPORTANT: On the THEN statement, add an action and select ‘SEND ALERT’.

    1. Select Slack, and the corresponding workspace and channel where the alert will be pushed.

  5. When the criteria for the rule are met, an alert will be pushed to Slack. A link will be provided which will bring you to the signal within Ontic.

  6. Once configured, Rules can be activated/deactivated, edited, or deleted.

 

Configure Slack Notifications by Role

 

  1. In Roles → Notifications, you can configure Slack notifications based on the creation or update of Signals, Incidents, and Entities.

  2. In the top-right corner, select ‘Edit Role’ to make changes:

  3. Once in ‘Edit’ mode, click the under Notification updates.

  4. Select the Integrated Workspace and Channel to which you want to send notifications, then click ‘Done.’

    Note: Refer to the previous section if you have not yet integrated the desired Workspace or Channel.

  5. The Workspace and Channel should now be displayed under Notification updates. The Slack checkboxes should now be selectable.

  6. You can configure notification settings for Signals, Incidents, and Entities.
    Note: For Slack, notifications can only be sent to the selected channel, not as a Direct Message to a user.

 

Roles & Permissions:

 

  1. To integrate the Slack Workspace and channels, you will need the following permissions in your role:

  2. If you’d like to configure rules so that Slack alerts can be triggered based on Ontic activity, you will need the following permissions:

 

Slack Administration

 

Your organization’s Slack admin may have restricted external applications so that they cannot be installed without approval.

  1. A Slack Admin can perform the integration if they can be granted access to Ontic.

  2. Alternatively, reach out to your internal Admin to see if there is a pending request from Ontic. Once approved, repeat the steps from the first section.