The Slack Audit App for Splunk gives you critical insights into your Slack Enterprise Grid account.
The app includes:
A pre-built knowledge base of dashboards that deliver real-time visibility into your environment.
The dashboards showcase
- User Logins and Admin actions such as Users Added
- Popular App Installations, Approved and Retricted App Details
- File Activity
- Workspace Preference Change Activity
- Private/Public Channel Creations, User/Guest Joins and External Shared Channel Details
The Slack Audit App for Splunk needs Audit log data to be indexed into the slack_audit index.
Use the Technology Add-on to retrieve Slack Audit Logs : Slack Add-on for Splunk
Be sure to set the index to retrieve these logs into, to be named slack_audit
The Preferences Activity Dashboard has the Event Timeline panel that relies on the Event Timeline App to be installed. Download the app to see the panel show up.
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps from Splunk, our partners and our community. Find an app for most any data source and user need, or simply create your own with help from our developer portal.