When creating a Slack App to pull Audit Logs into Panther, why do I get the error "Slack healthcheck failed - failed response: Slack API error (200) missing_argument"?
This error can be caused by the use of an org token when onboarding Slack Access Logs. In this case, this type of error is expected because Slack expects another team_id
parameter to be passed along the request, as shown here: https://api.slack.com/methods/team.accessLogs#args
Panther doesn't pass the team_id
parameter because its Slack Access Logs integration isn't designed to work with org tokens. For more information, please refer to Panther's Slack Logs documentation.