Skip to content

Splunk:Reports:Slack

Jump to bottom
lbonanomi edited this page Apr 11, 2024 · 5 revisions

Generate a table of user-X inviting user-Y into channel-Z for whatever the specified search period is:

index="slack" action=user_channel_join | spath output=user path=actor.user.email |
spath output=channel path=entity.channel.name |
spath output=how path=details.type |
where how="INVITED" |
spath output=when path=date_create |
spath output=by path=details.inviter.email |
eval join_time=strftime(when,"%m/%d/%y %H:%M:%S") |
table user,join_time,channel,how,by

AWS

Apache

FleetDM

GHE

GSuite

Git

Grafana

Java

Jenkins

Jira

Linux

OpenLDAP

Openstack

SSL

X

kubernetes

webdriver

Clone this wiki locally