Aurva

Slack Integration

Route Aurva alerts and findings to Slack channels with rich formatting, channel routing, and digest mode.

The Slack integration delivers policy violations, risk findings, and system notifications to your Slack workspace in real time.

Setup

  1. 1

    Create a Slack Incoming Webhook

    In Slack, go to Apps -> Incoming Webhooks (or create a custom Slack app with webhook permissions). Copy the webhook URL.

  2. 2

    Add the webhook in Aurva

    Navigate to Settings -> Integrations -> Slack and paste the webhook URL.

  3. 3

    Assign to an Alert Route

    Go to Alert Routes and create or edit a route. Select your Slack webhook as the destination.

Channel Routing

You can configure multiple Slack webhooks -- one per channel -- and assign them to different alert routes. Common patterns:

ChannelReceives
#sec-criticalCritical and high-severity policy violations
#sec-opsMedium-severity findings, new risk discoveries
#compliance-digestDaily compliance status summary
#data-engineeringDAM alerts related to production databases

Rich Formatting

Slack messages include:

  • Severity badge -- colour-coded indicator (red, orange, yellow, blue)
  • Policy name and category -- clickable link back to the Aurva console
  • Affected asset -- database, service, or identity involved
  • Key details -- query summary, classifier matches, row counts

Digest Mode

For lower-severity alerts, enable Digest Mode on the alert route to batch notifications:

  • Aurva collects alerts over a configurable window (15 min, 1 hour, or 1 day)
  • A single summary message is posted with counts grouped by policy and severity
  • Reduces channel noise while preserving visibility

Troubleshooting

SymptomResolution
Messages not appearingVerify the webhook URL is valid and the channel still exists
Duplicate messagesCheck that the alert route is not assigned to multiple Slack destinations for the same channel
Formatting brokenEnsure your Slack app has the incoming-webhook scope