Skip to main content

Netskope Help

Slack Notifier Plugin for Ticket Orchestrator

This document explains how to configure your Slack Notifier integration with the Ticket Orchestrator module of the Netskope Cloud Exchange platform.


To complete this configuration, you need:

  • A Netskope Tenant (or multiple, for example, production and development/test instances)

  • A Netskope Cloud Exchange tenant with the Ticket Orchestrator module already configured.

  • A Slack Notifier account.

  1. Create an Slack Webhook URL.

  2. Configure the Slack Notifier plugin.

  3. Configure Ticket Orchestrator Business Rules for Slack Notifier.

  4. Configure Ticket Orchestrator Queues for Slack Notifier.

  5. Validate the Slack Notifier Plugin.

If you already have a slack application, go to your application and jump to step 3.

  1. To get a slack webhook URL, log in to your Slack account , go to, and click Create your Slack app.

  2. Enter a name for your application in App Name and select the workspace in which you want to create the application. Click Create App.

  3. Under Add features and functionality header, click the Incoming Webhooks box.

  4. Toggle the switch in top right corner (if not already On) to activate incoming webhooks in your application.

  5. Click Add new Webhook to Workspace.

  6. Select the channel in which you want your application to post the notifications, and then click Allow.

  7. Click Copy to get the newly generated webhook URL. This is used when configuring the Slack Notifier plugin.

  1. Go to Settings and click Plugins.

  2. Select the Notifier plugin box to open the plugin creation page (make sure Ticket Orchestrator is enabled. If not, navigate to Settings > General and enable Ticket Orchestrator).

  3. Enter a Configuration Name and click Next.

  4. From the Platform Name dropdown, select Slack (webhooks) and then click Next.

  5. Enter your Slack Webhook URL.

  6. Keep the defaults for the rest of the parameters.

  7. Click Save.

  1. Go to Ticket Orchestrator and click Business Rules.

  2. Click Create new rule.

  3. Enter an appropriate Rule Name and build the appropriate filter query condition on field(s) for the business rule. You can also type the query manually by clicking Filter Query.

  4. Click Save.

  5. To create Mute Rule(s) and/or Deduplication Rule(s) for this business rule, click on the Business Rule you created.

  6. Click on the round “+” icon to create a new Mute Rule/Deduplication Rule.

  7. Enter a Rule Name and build the appropriate condition, and then click Save.

  8. Similarly, Deduplication Rule(s) can be created.

  9. To test the newly created business rule, click on the image15.pngicon, enter a Time period ( in days), and then click Fetch. This shows the number of alerts that are eligible for incident/ticket creation.

  1. Go to Ticket Orchestrator and click Queues.

  2. Click Add Queue Configuration.

  3. Select the previously created Business Rule from the dropdown.

  4. Select the plugin Configuration from the dropdown for which the queue is being configured (Notifier in this case).

  5. Select the Queues from the dropdown. For the Slack Notifier plugin, it should be the Notification queue.

  6. Add/Map appropriate values between alerts and notification under the Map Field section. Alert’s attributes can be accessed via “$” in the custom message field. Click Add to add more field mappings.

  7. Click Save.

  8. Based on the business rule(s), Notifications for incoming alerts will be sent automatically to the configured Slack channel. To create notifications for historical alerts, click on refresh image15.png icon for the configured queue, enter the Time period (in days), and click Fetch. This shows the number of alerts that are eligible for sending notification. Click Sync to send the notification(s).


In order to validate the workflow, you must have Netskope Alerts.

  1. Go to Ticket Orchestrator and click Alerts.

  2. To view the message(s) sent to Slack, navigate to your configured Slack channel.

  3. If notifications are not being sent to Slack, you can look at the audit logs in Cloud Exchange. In Cloud Exchange, click Logging and look through the logs for errors.