Hi Kolide team. We’re in a kind of extended trial / gradual rollout. I want to explore and fully understand the alerts/escalation plumbing. Happy to read docs or work with the support team. _For example_:
• is there a way to route events to a Slack channel?
• is there a way to trigger events easily (and without major side-effects), to validate we get events/alerts in the way we expect, test configurations?
01/13/2021, 5:50 PM
I'm a Kolide customer, but each of the in-the-box checks can send to a Slack channel as escalation after a certain number of attempts to notify the user. The checks are really clear on exactly what the message is that's sent to the user.
We are working on piping the osquery data to our SIEM, Panther, this quarter so we can write some custom alerts to send to the security team for weird anomalies.