IMPORTANT: No additional bug fixes or documentation updates will be released for this version. For the latest information, see the current release documentation.
Elastic Docs Kibana Guide [8.8] Stack Management Connectors
« Swimlane connector and action Tines connector »

Slack connector and actionedit

The Slack connector uses incoming webhooks or an API method to send Slack messages.

Create connectors in Kibanaedit

You can create connectors in Stack Management > Connectors or as needed when you’re creating a rule. You can choose to use a webhook URL that’s specific to a single channel. For example:

Slack connector

Alternatively, you can create a connector that supports multiple channels. For example:

Slack API connector

If you use the latter method, you choose your channel when you create a rule action. Thus a connector can be used in multiple rules and actions to communicate with different channels.

For Slack setup details, go to Configure a Slack account.

Create preconfigured connectorsedit

If you are running Kibana on-prem, you can define connectors by adding xpack.actions.preconfigured settings to your kibana.yml file.

Example Slack connector with webhook.

xpack.actions.preconfigured:
  my-slack:
    name: preconfigured-slack-webhook-connector-type
    actionTypeId: .slack
    secrets:
      webhookUrl: 'https://hooks.slack.com/services/xxxx/xxxx/xxxx'

To obtain this value, go to Configure a Slack account for incoming webhooks.

Example Slack connector with web API.

xpack.actions.preconfigured:
  my-slack:
    name: preconfigured-slack-api-connector-type
    actionTypeId: .slack_api
    secrets:
      token: 'xoxb-xxxx-xxxx-xxxx'

To obtain this value, go to Configure a Slack account for Web API.

Test connectorsedit

You can test connectors with the run connector API or as you’re creating or editing the connector in Kibana. For example:

Slack API connector test

Slack actions have the following properties:

Channels
One or more channels that your Slack app has access to. This option is available only in the web API type of connector.
Message
The Slack message text, which cannot contain Markdown, images, or other advanced formatting.

Connector networking configurationedit

Use the Action configuration settings to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use xpack.actions.customHostSettings to set per-host configurations.

Configure a Slack accountedit

Before you can create a Slack connector, you must configure your account and obtain the necessary URL or token.

Configure a Slack account for incoming webhooksedit
  1. Log in to slack.com as a team administrator.
  2. Create a Slack app, enable incoming webhooks, then create an incoming webhook. Refer to https://api.slack.com/messaging/webhooks.
  3. Copy the generated webhook URL so you can paste it into your Slack connector form.
  4. If you are using the xpack.actions.allowedHosts setting, make sure the hostname from the URL is added to the allowed hosts.
Configure a Slack account for Web APIedit
  1. Create a Slack app. Refer to https://api.slack.com/authentication/basics#creating.
  2. Add scope: channels:read, groups:read, chat:write and chat:write.public. Refer to https://api.slack.com/authentication/basics#scopes.
  3. Install the app to a workspace. Refer to https://api.slack.com/authentication/basics#installing.
  4. Copy the Bot User OAuth Token so you can paste it into your Slack connector form.
  5. If you need to send messages to a private channel, you need to write /invite @App_name in it. Putting "@" triggers Slack to start auto-suggesting, which is why it then becomes easy to find your app name in the list.
« Swimlane connector and action Tines connector »