Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Summarizer notification channel #7

Open
peersky opened this issue Oct 3, 2023 · 0 comments
Open

Summarizer notification channel #7

peersky opened this issue Oct 3, 2023 · 0 comments
Labels
template Improving or creating new templates

Comments

@peersky
Copy link
Owner

peersky commented Oct 3, 2023

For a various reasons some of monitoring activity makes sense to report in Slack as aggregate summary over some time window. I.e statistical data: numbers of transactions, numbers of privileged account activity etc.

Hence It would be great if we have following workflow:

  1. Any Monitors that must report to such summary dashboard are connected to "Summarizer" action.
  2. Such "Summarizer" action takes alert information / metadata and records it in to KVS store (or any other DB solution we can get)
  3. Another Autotask is invoked on schedule basis to read KVS store with reports and process them. (Idea: Add anomaly detector here!)
  4. Send summary webhook sentinel that will post an update to slack/telegram/email etc

From user side ideally we just specify "SummaryWriter" in Notification Channel.
@peersky peersky added the template Improving or creating new templates label Oct 3, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
template Improving or creating new templates
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@peersky