How to Send Slack Notifications
Resoto constantly monitors your infrastructure, and can alert you to any detected issues.
One way to receive these alerts is via Slack. In this guide, we will configure Resoto to send alerts to a Slack channel.
Prerequisites​
This guide assumes that you have already installed and configured Resoto to collect your cloud resources.
Directions​
Create an Incoming Webhook in Slack.
Define search criteria that will trigger an alert. For example, let's say we have a test account
test-accountwhere instances with more than 4GB of RAM are not permitted:> search is(instance) and instance_memory>4 and /ancestors.account.reported.name==test-accountNow that we've defined the alert trigger, we will simply pipe the result of the search query to the
slackcustom command, replacing thetitlewith your desired alert text andwebhookwith your Slack webhook URL:> search is(instance) and instance_memory>4 and /ancestors.account.reported.name==test-account | slack title="Large instances found in test-account" webhook="https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX"If the defined condition is currently true, you should see a new message in Slack:
Finally, we want to automate checking of the defined alert trigger and send alerts to Slack whenever the result is true. We can accomplish this by creating a job:
> jobs add --id notify_large_test_instances --wait-for-event post_collect 'search is(instance) and instance_memory>4 and /ancestors.account.reported.name==test-account | slack title="Large instances found in test-account" webhook="https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX"'
A default webhook URL can be specified in the slack custom command configuration, so that you can simply execute slack title="...".