When creating a Slack App to pull Audit Logs into Panther, why do I get the error "Slack healthcheck failed"?
This error can be caused by the use of an org token when onboarding Slack Access Logs. In this case, this type of error is expected because Slack expects another
team_id parameter to be passed along the request, as shown here: https://api.slack.com/methods/team.accessLogs#args
Panther doesn't pass the
team_id parameter because its Slack Access Logs integration isn't designed to work with org tokens. For more information, please refer to Panther's Slack Logs documentation.