This workflow template notifies a designated Slack channel of Check Point SmartTask events related to policy installations or session publications. When a policy is installed, the workflow gathers details such as the policy name and status. Upon a successful policy install, it triggers a Slack message. Conversely, if an error occurs, a message detailing the error is sent. In the case of a session being published, a Slack message is dispatched that contains a count of the objects added, modified, or deleted. This automation enhances network security alert and remediation processes, facilitating immediate communication and transparency for security teams.
Trigger
Webhook
Use Cases
Remediate Network Security Alerts , Security Bots
Workflow Breakdown
Receive a webhook from a Check Point SmartTask on Policy Install or when a session is published
If policy install, gather the gateways data including policy name and status
If policy install was successful send a Slack message, if an error occured send message and snippet with error details
If a session was published, send a Slack message with count of objects added, modified, or deleted
Vendors
Slack, Utils
Workflow Output
Message to the Slack channel on details of the SmartTask that was triggered.
Tips
See the example bash script used to send the webhook to Torq from the Check Point script repository