#kolide

Martin Langhoff

01/13/2021, 5:41 PM
Hi Kolide team. We’re in a kind of extended trial / gradual rollout. I want to explore and fully understand the alerts/escalation plumbing. Happy to read docs or work with support team. For example:
• is there a way to route events to a Slack channel?
• is there a way to trigger events easily (and without major side-effects), to validate we get events/alerts in the way we expect, test configurations?

Travis

01/13/2021, 5:50 PM
I'm a Kolide customer, but each of the in-the-box checks can send to a Slack channel as escalation after a certain number of attempts to notify the user. The checks are really clear on exactly what the message is that's sent to the user.
5:51 PM
We are working on piping the osquery data to our SIEM, Panther, this quarter so we can write some custom alerts to send to the security team for weird anomalies.