Slack - Create Channel for New Incident
This workflow works with an incident automation rule or playbook to create a Slack channel when incidents are created in Cisco XDR. Anyone assigned to the incident or configured in the workflow's settings will be added to the channel. The workflow can also update the incident's status if a new channel is created successfully. If a channel already exists, a new one is not created.
Description
This workflow works with an incident automation rule or playbook to create a Slack channel when incidents are created in Cisco XDR. Anyone assigned to the incident or configured in the workflow's settings will be added to the channel. The workflow can also update the incident's status if a new channel is created successfully. If a channel already exists, a new one is not created.
Targets: Conure APIs, Platform APIs, Private Intelligence API, Slack
Steps:
- Fetch the incident
- Check if this incident already has a Slack channel (if so, update the local variables)
- Check if there are users to always add to channels (if so, add them to the participant list)
- Process the incident assignees
- Check if we need to use the fallback users (if so, add them to the participant list)
- Check if a channel already exists for this incident:
- If not, create one, update the incident status (optional), post a welcome message, and update the incident
- Add the participants to the channel
This workflow requires the following targets to be available before it can be run.
Integration targets
- Slack
- Cisco XDR