Skip to main content
Panther Knowledge Base

Can I set up multiple Slack channels as destinations in Panther and route alerts based on tags or data feed?

  1. Last updated
  2. Save as PDF

QUESTION

Is there a way to set up multiple Slack alert destinations (channels) and to route alerts based on tags or data feed?

ANSWER

You may add as many Slack channels as you would like as new Alert Destinations, using the Slack Bot destination or the Slack Webhook destination. For each channel, you must create an additional app on Slack's side. 

The Alert Destinations themselves have some controls to define which Alerts route to where, for example, based on Severity or Type. Another option is to leverage Python and Auxiliary Functions to route alerts to a specific destination that has been set up.

Here is an example rule that outlines how you might use all those Auxiliary Functions.