LogRhythm to Slack Webhooks

Published by wtfender on

Steps

1. Add a webhook to your Slack team.

2. Create your AIE alarm with the fields that you want to pass to your webhook.

3. Create a PowerShell script that accepts the fields as parameters:

4. Create the actions.xml manifest with the same parameters/fields:

5. Create your SmartResponse Plugin using the PowerShell script and manifest.

6. Set your SmartResponse as an action to your AIE alarm, mapping the correct parameters:

7. Trigger your alarm and observe the webhook:
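
An added example of the kind of script step 3 calls for; it is not the original post's script. The parameter names (`WebhookUrl`, `AlarmName`, `User`, `ImpactedHost`) and their order are assumptions, so map them to whatever fields your alarm passes. Alarm fields come from log data, so the script escapes Slack's control characters before posting, and it only posts to a Slack incoming-webhook URL.

```powershell
# Added example: parameter names and positions are hypothetical.
[CmdletBinding()]
param(
    # Slack incoming-webhook URL. Anyone holding it can post to the channel, so treat it as a secret.
    [Parameter(Mandatory, Position = 0)][string]$WebhookUrl,
    [Parameter(Mandatory, Position = 1)][string]$AlarmName,
    [Parameter(Position = 2)][string]$User = 'n/a',
    [Parameter(Position = 3)][string]$ImpactedHost = 'n/a'
)

# Windows PowerShell 5.1 can default to older TLS versions; force TLS 1.2 for the Slack endpoint.
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

# Only send alarm data to an HTTPS Slack webhook, never to an arbitrary URL.
if ($WebhookUrl -notmatch '^https://hooks\.slack\.com/services/') {
    throw 'WebhookUrl is not a Slack incoming-webhook URL.'
}

function ConvertTo-SlackText([string]$Value) {
    # Slack treats &, < and > as control characters (links, mentions).
    # Escaping them keeps log-derived values from being rendered as markup.
    $Value.Replace('&', '&amp;').Replace('<', '&lt;').Replace('>', '&gt;')
}

$lines = @(
    "*LogRhythm alarm:* $(ConvertTo-SlackText $AlarmName)"
    "*User:* $(ConvertTo-SlackText $User)"
    "*Host:* $(ConvertTo-SlackText $ImpactedHost)"
)
$body = @{ text = ($lines -join "`n") } | ConvertTo-Json -Compress

try {
    # Send UTF-8 bytes so non-ASCII characters in alarm fields survive the request.
    Invoke-RestMethod -Uri $WebhookUrl -Method Post `
        -ContentType 'application/json; charset=utf-8' `
        -Body ([Text.Encoding]::UTF8.GetBytes($body)) | Out-Null
    Write-Output "Posted alarm '$AlarmName' to Slack."
} catch {
    # Report the failure without echoing the webhook URL into the action output.
    Write-Error "Slack webhook post failed: $($_.Exception.Message)"
    exit 1
}
```

The parameters declared in the actions.xml manifest in step 4 need to match these in name and order.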

Alarm Examples

Credit

jgigler/Powershell.Slack
