Back to Account Management

Slack Integration Setup | NOC.org Support

NOC integrates with Slack to deliver real-time notifications about monitoring events, WAF activity, and configuration changes directly to your team's channels. This guide walks you through creating a Slack webhook and connecting it to your NOC account.

Prerequisites

  • An active NOC.org account.
  • Admin access to a Slack workspace (or permission to create Incoming Webhooks).

Step 1 — Create a Slack Incoming Webhook

  1. Go to your Slack workspace's app directory: https://YOUR-WORKSPACE.slack.com/apps.
  2. Search for Incoming WebHooks and select it.
  3. Click Add to Slack.
  4. Choose the channel where you want NOC alerts to appear (e.g., #ops-alerts or #noc-monitoring).
  5. Click Add Incoming WebHooks integration.
  6. Copy the Webhook URL that is generated. It will look like: 
    https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX
  7. Optionally, customize the bot name (e.g., "NOC Alerts") and icon.
  8. Click Save Settings.

Step 2 — Add the Webhook to NOC

  1. Log in to the NOC Dashboard.
  2. Navigate to Account Settings » Integrations.
  3. Under the Slack section, click Add Webhook.
  4. Paste the Slack Webhook URL you copied in Step 1.
  5. Give this integration a Label (e.g., "Ops Team Alerts").
  6. Click Test Connection to send a test message to your Slack channel. Verify that it arrives.
  7. Click Save.

Step 3 — Configure Alert Types

Choose which types of notifications are sent to Slack:

  1. On the Slack integration settings page, locate the Alert Types section.
  2. Enable or disable each alert category:
    • Monitoring — Down: triggered when an endpoint goes offline.
    • Monitoring — Recovery: triggered when an endpoint comes back online.
    • Monitoring — SSL Expiry: warned when an SSL certificate is nearing expiration.
    • WAF — Attack Detected: triggered during active attack patterns (DDoS, SQLi, XSS).
    • WAF — IP Blocked: sent when a suspicious IP is automatically blocked.
    • CDN — Cache Purge: notification when a cache purge is initiated.
    • DNS — Record Change: triggered when DNS records are created, modified, or deleted.
    • Account — Login: sent on new login events (useful for security auditing).
  3. Click Save.

Using Multiple Channels

You can create multiple Slack webhooks to route different alert types to different channels:

  • Send monitoring alerts to #ops-alerts.
  • Send WAF/security alerts to #security.
  • Send DNS and configuration changes to #infra-changes.

To set this up, create a separate Incoming Webhook in Slack for each channel, then add each webhook to NOC with the appropriate alert types enabled.

Troubleshooting

  • Test message not arriving: Verify the webhook URL is correct. Check that the Incoming WebHooks integration is still active in your Slack workspace settings.
  • Alerts delayed: Slack webhook delivery is typically near-instant, but Slack may experience occasional delays during high-traffic periods. NOC queues messages and retries failed deliveries for up to 5 minutes.
  • Channel archived or deleted: If the target Slack channel is archived, messages will fail silently. Update the webhook to point to an active channel.

Removing the Integration

  1. In the NOC Dashboard, go to Account Settings » Integrations » Slack.
  2. Click the Delete button next to the webhook you want to remove.
  3. Confirm the deletion. Alert delivery to that webhook stops immediately.

Improve Your Websites Speed and Security

14 days free trial. No credit card required.

Get Started