Hi,
Is it correct that slack notification integration doesn't support private channels? We created the app as per the blog post provided but it only works in public channels even if we add the bot user / app to the private channel. We've even tried starting from scratch but the results are always the same.
If you tail the log you see:
Token='57 character(s)', channelID='#private-channel-name'}'
2024-09-18 19:39:34.378 WARN 12 --- [SimpleAsyncTaskExecutor-75] n.u.b.n.s.slack.SlackNotificationSender : Failed to upload file via Slack, reason: channel not found
We've just migrated from RANCID and can safely say unimus Really is Awesome.
Thank you very much!
Slack Integration
Hi,unimusisgreat wrote: ↑Wed Sep 18, 2024 5:58 pmHi,
Is it correct that slack notification integration doesn't support private channels? We created the app as per the blog post provided but it only works in public channels even if we add the bot user / app to the private channel. We've even tried starting from scratch but the results are always the same.
If you tail the log you see:
Token='57 character(s)', channelID='#private-channel-name'}'
2024-09-18 19:39:34.378 WARN 12 --- [SimpleAsyncTaskExecutor-75] n.u.b.n.s.slack.SlackNotificationSender : Failed to upload file via Slack, reason: channel not found
We've just migrated from RANCID and can safely say unimus Really is Awesome.
Thank you very much!
Private channels should be supported. If the bot is a member of the private channel, it should be able to post to it. Most likely the issue is in Slack bot's OAuth Permissions. Does your bot have the "channels:read", "chat:write", "mpim:read", "mpim:write" and "groups:read" permissions?
If those are already assigned to the bot, you could take a look at other permissions in the "channels", "groups" and "mpim" scopes. Sadly the Slack OAuth scopes are not well documented, so you might have to experiment a little to find all the needed scopes.
Hope this helps.
-
- Posts: 2
- Joined: Wed Sep 18, 2024 5:52 pm
Thanks so much for the response.
I've done some more testing and frankly the results have been confusing.
Test 1:
Create a public channel e.g. unimus-alerts everything is fine , test notification works and normal notifications come through.
Test 2:
Change that channel to private, test notifications stop working but real notifications still come through which is great.
Test 3:
Let's imagine we want to use an existing private channel where we already receive other security / change alerts.
Change the configuration to point to a different private channel (app / bot is already added as an integration) , test notifications do not work (no change) but furthermore real notifications do not work either.
Finally ...
Test 4:
Change the configuration back to the original channel that was previously working even when private. Alerts no longer work at all which is not the result I expected.
I'm curious in test 3 and 4 if Unimus is even trying to send the alert, it seems almost like there is some channel validation process that needs to occur in order for Unimus to even attempt to send the message. I used the manifest file from the article provided.
Anyway I'm not sure if the feedback is useful , just my experience.
Thanks,
Jos
I've done some more testing and frankly the results have been confusing.
Test 1:
Create a public channel e.g. unimus-alerts everything is fine , test notification works and normal notifications come through.
Test 2:
Change that channel to private, test notifications stop working but real notifications still come through which is great.
Test 3:
Let's imagine we want to use an existing private channel where we already receive other security / change alerts.
Change the configuration to point to a different private channel (app / bot is already added as an integration) , test notifications do not work (no change) but furthermore real notifications do not work either.
Finally ...
Test 4:
Change the configuration back to the original channel that was previously working even when private. Alerts no longer work at all which is not the result I expected.
I'm curious in test 3 and 4 if Unimus is even trying to send the alert, it seems almost like there is some channel validation process that needs to occur in order for Unimus to even attempt to send the message. I used the manifest file from the article provided.
Anyway I'm not sure if the feedback is useful , just my experience.
Thanks,
Jos
The manifest in the blog article is a bit conservative - for example, it doesn't include "groups:write", as the Slack docs specify it grants privilege to manage private channels. We didn't want to add that as the default privilege. It's quite possible that OAuth Scope is required to actually post to private channels. Like I mentioned, Slacks docs are quite poor in documenting what each scope does exactly.unimusisgreat wrote: ↑Thu Sep 19, 2024 10:38 pmThanks so much for the response.
I've done some more testing and frankly the results have been confusing.
...
I'm curious in test 3 and 4 if Unimus is even trying to send the alert, it seems almost like there is some channel validation process that needs to occur in order for Unimus to even attempt to send the message. I used the manifest file from the article provided.
Could you please test adding OAuth Scopes to the bot like I mentioned in my previous post, and see if that helps?