
Notification Targets

info

The English user guide is currently in beta preview. Most of the documents have been automatically translated from the Japanese version. Should you find any inaccuracies, please reach out to Flatt Security.

When Shisho Cloud detects a policy violation, you can view it on the Shisho Cloud dashboard and send notifications to external services.

Notifications from Shisho Cloud to External Services

All notifications are managed through workflows.

Specifically, the notify block within a workflow's job controls notifications.

For example, the following manifest defines a workflow that sends notifications to the notification group with the ID NGFOO:

jobs:
  - name: check-with-foobar
    id: check-with-foobar
    decide:
      # ...
    notify:
      rego: |
        import data.shisho

        notifications[n] {
          n := shisho.notification.to_group(
            "NGFOO",
            "test"
          )
        }

Notification Targets

Shisho Cloud can send notifications to entities called notification targets.

Supported Notification Targets

Shisho Cloud currently supports the following notification targets:

  • Slack channels
  • Comments on GitHub Issues and Pull Requests
  • Email addresses

caution

You might need to configure additional settings depending on the notification target. For more information, see the next section.

Configuring Notification Target Settings

You might need to configure additional settings to receive notifications depending on the notification target type.

Configuring Slack Notifications

To receive notifications on a Slack channel, complete the Slack workspace integration process and add the Shisho Cloud Slack app to the Slack channel:

info

You must perform this configuration on the Slack side.

  1. Right-click the Slack channel where you want to receive notifications, and select "View Channel Details."

  2. Select the Integrations tab, and then select Add an App.

  3. Search for the Shisho Cloud app, and then select Add to invite it to your Slack channel.

warning

If the Shisho Cloud app doesn't appear, Shisho Cloud might not be integrated with your Slack workspace. Complete the Slack workspace integration process.

warning

If you can't find the menu items described in these steps, Slack might have updated its user interface or your Slack workspace owner (administrator) might have restricted access. If you can't integrate Shisho Cloud and your Slack workspace, contact Flatt Security.

Sending a Test Message to a Slack Channel

To verify that the settings are correct before using the notification feature in a workflow, send a test message to the Slack channel by selecting Send test message:

If the settings are correct, the following test message appears in your Slack channel:

If the message doesn't appear, the Slack workspace integration process might not be complete or the Shisho Cloud Slack app might not be added to the Slack channel. If you still can't receive the test message, contact Flatt Security.

Configuring Email Notifications

Shisho Cloud prevents notifications to email addresses that aren't associated with users in your organization. Adding such an email address to a notification group or policy is therefore not enough for it to receive notifications. To send notifications to those addresses, add them to the "Mail Sending Permission List".

info

Notifications to the email addresses of users in your organization (the email addresses used to register with Shisho Cloud) are implicitly allowed and don't need to be added to the Mail Sending Permission List.

To manage the Mail Sending Permission List, select Settings > Mail Sending Permission List.

Mail Sending Permission List Management Screen

To add an email address to the Mail Sending Permission List, follow these steps:

  1. Select Add Email Address. A modal appears.

  2. Enter the email address in the modal, and then select Add.

    If the email address is added successfully, it appears in the list. It can't receive notifications yet: Shisho Cloud sends a confirmation email to the address to verify its validity, and you must verify the email address before it can receive notifications.

    The confirmation email is valid for 24 hours. If you don't verify the email address within 24 hours, the status changes and the message updates.

    To resend the confirmation email, select Resend Confirmation Email. You can resend the confirmation email before it expires, but only the link in the most recent email is valid. If you select a link in an older email, you'll receive an error.

    After you verify the email address, the Status column is empty. The email address can now receive notifications.
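The rules in this section (implicit allowance for organization members, a 24-hour confirmation link, and only the most recent link being valid) can be modeled as follows. This is an added example, not Shisho Cloud's implementation; the class, its method names and the storage layout are assumptions made for illustration.

```python
# Added illustration, not Shisho Cloud's code: a minimal model of the rules
# stated above. Class and method names are hypothetical.
import hashlib
import hmac
import secrets
from datetime import timedelta

CONFIRMATION_TTL = timedelta(hours=24)  # the page: link is valid for 24 hours


def _digest(token):
    # Store only a hash of the token, so a leaked table yields no usable links.
    return hashlib.sha256(token.encode()).hexdigest()


class PermissionList:
    def __init__(self, org_member_emails):
        # Registered organization users are implicitly allowed.
        self.members = {e.lower() for e in org_member_emails}
        self.entries = {}  # email -> {"digest", "issued", "verified"}

    def send_confirmation(self, email, now):
        """Add an address or resend its confirmation; returns the new token."""
        entry = self.entries.get(email.lower())
        if entry and entry["verified"]:
            raise ValueError("already verified")
        token = secrets.token_urlsafe(32)
        # Overwriting the digest is what invalidates every older link.
        self.entries[email.lower()] = {
            "digest": _digest(token), "issued": now, "verified": False}
        return token

    def confirm(self, email, token, now):
        entry = self.entries.get(email.lower())
        if entry is None or entry["verified"]:
            return False
        if now - entry["issued"] > CONFIRMATION_TTL:
            return False  # expired: a resend is required
        if not hmac.compare_digest(entry["digest"], _digest(token)):
            return False  # link from an older email, or a guessed token
        entry["verified"] = True
        return True

    def remove(self, email):
        self.entries.pop(email.lower(), None)

    def can_notify(self, email):
        if email.lower() in self.members:
            return True
        entry = self.entries.get(email.lower())
        return bool(entry and entry["verified"])
```

In this model, `can_notify` is the single gate a sender would consult before delivering a notification, so an unverified or removed address never receives findings.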

info

To prevent data leaks, remove unused email addresses from the Mail Sending Permission List. To remove an email address, select Delete next to the email address. When you delete an email address, a confirmation email isn't sent. To delete multiple email addresses, select the checkbox next to each address, and then select Delete.

note

If email notifications aren't sent after you configure the Mail Sending Permission List, check your spam folder. If the email notifications aren't in your spam folder, contact Flatt Security.

(Advanced) Using Notification Targets from a Policy

To send notifications to supported notification targets, pass the Notification object from the policy code to Shisho Cloud according to the API between Shisho Cloud and the policy code (for example, API for Inline Rego Policies).

info

Use the functions under shisho.notification in the Rego SDK.

For example:

import data.shisho

# Send the string "test" as a comment to the specified GitHub Issue
notifications[n] {
  n := shisho.notification.to_github_issue(
    "org-name",
    "repository-name",
    123456, # issue ID
    "test" # message
  )
}

info

If the notification feature doesn't work correctly, see the "Workflows" section in the frequently asked questions.