The Slack Audit App for Splunk gives you critical insights into your Slack Enterprise Grid account.
The app includes:
A pre-built knowledge base of dashboards that deliver real-time visibility into your environment.
The dashboards showcase
- User Logins and Admin actions such as Users Added
- Popular App Installations, Approved and Retricted App Details
- File Activity
- Workspace Preference Change Activity
- Private/Public Channel Creations, User/Guest Joins and External Shared Channel Details
The Slack Audit App for Splunk needs Audit log data to be indexed into the slack_audit index.
Use the Technology Add-on to retrieve Slack Audit Logs : Slack Add-on for Splunk
Be sure to set the index to retrieve these logs into, to be named slack_audit
The Preferences Activity Dashboard has the Event Timeline panel that relies on the Event Timeline App to be installed. Download the app to see the panel show up.
Splunk AppInspect evaluates Splunk apps against a set of Splunk-defined criteria to assess the validity and security of an app package and components.
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.