Slack

enterprise feature this feature is only available with trufflehog enterprise contact us to learn more slack is a messaging platform that connects people to the information they need trufflehog will scan public and private channels that the user has access to if you want to send your trufflehog results to slack, visit our slack docid\ qhzefqryxhwodbj141n4o notifier page instead slack historical scanning configuration to configure slack, you need to be able to add an app to slack web configuration you can configure this integration via the web ui through the integrations tab or you can use a local configuration file as outlined below local configuration web configuration is strongly recommended for scanning slack you will need to be able to create a single workspace app if you are able, we recommend using the slack install from the ui because not only is it much easier, but it also scans faster because it has higher rate limits you may create your own single workspace slack app to utilize with trufflehog and provide the refresh token in the token field in the example above below are the steps to create the app start creating the app here give the app a name a choose the workspace you want to trufflehog to operate on (you will need seperate apps to utilize a multiple workspaces) update the “user token scopes” section with the following scopes users\ read users\ read email channels\ history channels\ read groups\ history groups\ read files\ read make sure everything is saved and looks correct, then install your app! if your account does not permissions to install the app it may send a request to your slack admin asking for them to approve it if so, it may be a good idea to give them a heads up before you do this ) copy your newly minted token and paste it into the token field from the local configuration file above (tip remove the channels line and values if you want trufflehog to scan all accessible channels ) once you run your local scan, trufflehog will pick up and scan the configured slack source automatically! access token sources \ connection '@type' type googleapis com/sources slack endpoint https //slack ourbusiness com token xxxxxxxxxxxxxxxxxxxxxxxxxx \# if channels are not provided, all channels associate with \# the token will be scanned channels \ include channel ignorelist \ exclude channel name slack scanperiod 12h type source type slack verify true capabilities feature supported scan archive files ✅ scan attachments ✅ scan base64 encoded data ✅ scan binaries ✅ scan microsoft office files ✅ scan direct messages ❌ scan private channels (only those that authorizing user is in) ❕ exclude / include filters ✅ auto resume ✅ slack real time scanning once configured, truffle will scan your slack workspaces' messages in real time, as those messages are sent in your workspace configuration web configuration is required for slack real time, and is available via the integrations pane of your web interface steps from your integrations page, select add integration select a source integration, then select slack select slack real time beta then on truffle's servers this will take you to slack's authorization page, giving us permission to access your workspace click allow now you can name your new slack integration capabilities feature supported scan public channels, including messages in threads ✅ scan edited messages ✅ scan select private channels private channels where the truffle bot has been invited private channels that include authorizing users ✅ scan select direct messages dms (including group messages) that include the truffle bot dms (including group messages) for authorizing users ✅ scan direct messages and group messages the truffle bot is included in ✅