Integration Guide For Slack 
===========================

This document describes how to integrate Genian NAC with Slack using webhook.
This integration provides the ability to send notifications for any Genian
NAC log files to the Slack Workspace and channel of your choice.
In this example, we will create a Slack Notification for newly
detected MAC addresses.

The main steps of this integration are as follows:

- Configure a Slack app to accept inbound Posts
- Test that the Slack app properly 
- Configure a Genian NAC log filter to send Posts to Slack

Slack App Configuration 
-----------------------

The steps below demonstrate how to configure Slack to accept webhook
Posts from Genian NAC.

#. Navigate to api.slack.com/apps, and select **Create an App**
#. Name your App and select a workspace to apply it to.
#. Select **Incoming Webhooks**, and set **Activate Incoming Webhooks**
   to **On**

#. Select **Add New Webhook to Workspace** and select one or multiple
   channels to post your message to. Save the channel URL as it will
   be input into Genian NAC later.
#. Use the curl utility in a command line to test sending a webhook
   to a channel.
#. Copy the sample Curl request from this page, and paste it into a
   command terminal. Ensure that the webhook URL in the sample request
   matches that of the channel you wish to test, as shown at in the
   channel list at the bottom of the page, and that the curl
   function is supported by your terminal.

#. After entering, if the message posts successful to your channel, 
   Slack has been properly configured to receive webhook posts. 

Configuring Log Export to Slack
-------------------------------


.. image:: /images/slack_integration.png
  :width: 600 px

These steps will select logs from Genian NAC, and export them to the
Slack webhook app, including those imported from external systems.
To see how to import logs from external systems see:
:doc:`/logs/receiving-events` 

#. Navigate to the **Log** tab, then select the **Add filters** option.
   Narrow your search to select which events to send to Slack.
   For our example we will search for "New MAC Detected" in the
   description, and click **Search**. Other filter variables may also
   be used to narrow your search. Ensure that your search returns
   only the desired results. Click **Save**

#. Next, assign a name and a description to your filter, then select
   **Webhook** from the bottom of the screen.

   - Set **Method** to **POST**
   - Set **URL** to the channel URL shown in the previous section of
     this guide.
   - Set **Character Set** as **UTF-8**
   - In the **POST DATA** section, select which log fields to send to
     Slack. For help with the syntax, click the question mark icon
     labelled **Help for Macro**
   - For this example we will show a way to post the newly detected MAC Address
     and the corresponding IP Address to the channel of your choice, as shown
     by the {_IP} & {_MAC} macros.
   - The **title_link** content will create a hyperlink from the message title
     to the newly detected MAC address on your Policy Server. Be sure to input
     your Policy Server IP or FQDN in the indicated area.

   .. code-block:: json

      {
	"attachments":[
		{
		"fallback":"New Device Detected!",
		"color":"#7FBE26",
		"title":"New Device Detected!",
		"title_link":"POLICY SERVER ADDRESS/mc2/faces/frontpage.xhtml?forceForwardUrl=1&folder=monitor&framePage=frame.xhtml&selectedTree=BBA&selectedPage=nodeMgmt.xhtml?nid=All&mac={_MAC}&macequal=true&isselect=true",
		"text":"*MAC:* {_MAC}\n*IP:* {_IP}",

		}
      ]
      }
   
   - For **Content-Type** set to **Application/json**