Skip to content

Slack (Audit)

You must be logged in as the Owner of your Enterprise Grid organization to install the app.

  1. Log in to your Slack account using the following link: https://api.slack.com/apps.

  2. Provide the appropriate app name in the search bar, and then select the workspace.

  3. Click Create New App.

  4. Provide an app name (ex: Securonix Connector) in the search bar and then select the workspace.

  5. Select OAuth & Permissions from the left navigation.

  6. Provide redirect as: https://localhost.

  7. Scroll down to the User Token Scopes section and add the auditlogs:read scope, as seen in the following image:

  8. Select Manage Distribution from the left navigation.

  9. Ensure each step in the Share Your App with Other Workspaces section is complete with a green check mark.

  10. Click Remove Hard Coded Information in the Share Your App with Other Workspaces section, and then check the box next to I’ve reviewed and removed any hard-coded information.

  11. Copy the sharable URL and paste it into a browser.

  12. Select the drop-down menu in upper right hand corner and then choose an organization.

    Note: Ensure that you install the Audit Logs in the My Grid Org workspace.

The newly created app must complete the OAuth flow to obtain an access token. The access token is used in SNYPR for authentication.

Complete the following steps to exchange the temporary authentication code for an OAuth Token:

  1. Navigate to sharable URL > Allow, and then take the code value from the redirected URL.

  2. Complete the exchange using a curl command. The curl command leverages the temporary code from the redirected URL, along with the client ID and client secret from the Basic Information section of the app.

    Example: curl -F code=1234 -F client_id=3336676.569200954261 -F client_secret=ABCDEFGH https://slack.com/api/oauth.v2.access

    When the call is executed, Slack sends an HTTP response with the access_token, as seen in the following image:

When the app completes the OAuth flow, you are granted an OAuth token under OAuth & Permissions section, as seen in the following image. The OAuth token is used for calling all the Audit Log API methods for your organization.

  1. Capture and secure the token value.

    Note: xoxp- is not needed for create data source.