Supplemental Slack info for you and your team.Tips and tools for beginners and experts alike.Get familiar with Slack Enterprise Grid for large organizations.If you're curious about what's new in Slack — and what's changed — you're in the right place.Develop your skills and prepare to become Slack Certified!Launching a new team or joining one for the first time?
Our easy-to-read guides help your team work better, together, from day one.Ready to level up? Browse our time-saving tricks and practical tips for
making Slack work for you.All kinds of teams thrive with Slack — take a look at our department-specific guides.
More coming soon!From channels to search – learn how Slack works from top to bottom.Want to learn more about setting up your team? Look no further!Welcome to Slack! Nice to see you here. Let’s get started!Adjust your profile and preferences to make Slack work just for you.Connect, simplify and automate. Discover the power of apps and tools.Tips and tools for beginners and experts alike.
Slack is experiencing some connectivity issues — please stand by. Check
Status
Configure audit log anomaly event responses in Slack
In an Enterprise organisation, you can use Slack audit logs to monitor usage in your organisation. Audit logs include anomaly events, which serve as indicators of potentially unusual or suspicious user and app activity. You can configure an anomaly event response if you’d like Slack to automatically end a user’s sessions across all devices for the following:
Accessing Slack from a Tor exit node*
Data scraping*
Excessive downloads
Stale or unexpected session cookies
Spoofed user agents
Unexpected API call volume
Unexpected user agents
*Enabled by default
Configure anomaly event responses
In general, you should consider investigating anomaly events in your audit logs to understand the circumstances of the activity before taking action. However, you can choose to automatically end a user’s sessions when an anomaly event is detected to halt the potentially suspicious activity. If a user’s sessions end in response to an anomaly event, they can immediately sign back in to Slack using their usual login credentials.
From your desktop, click your organisation name in the sidebar.
Hover over Tools & settings, then click Organisation settings.
From the left-hand sidebar, select Security, then click Security settings.
Under Anomaly event response settings, click Enable or Edit next to End user sessions automatically.
Click the toggle next to an anomaly event to select it. Tick the box next to Exclude specific people or groups to prevent certain users’ sessions from being ended when the event is detected.
When a user’s active sessions end in response to an anomaly event, they’ll receive an email notification from Slack. You can decide whether the org primary owner and security admins should also be notified, either via email or a notification in Slack.
From your desktop, click your organisation name in the sidebar.
Hover over Tools & settings, then click Organisation settings.
From the left-hand sidebar, select Security, then click Security settings.
Under Anomaly event response settings, click Enable or Edit next to Manage notifications.
Click the toggle next to a notification type, then tick or untick the box to decide who should receive notifications.
Click Enable or Save.
Who can use this feature?
Org owners, org admins and members with the security adminsystem role
Great news! Our Help Center is available in multiple languages. Switch to EnglishBonne nouvelle ! Le centre d'assistance de Slack est désormais disponible dans plusieurs langues. Poursuivre en FrançaisGute Neuigkeiten! Unser Support-Center gibt es jetzt in mehreren Sprachen! Weiter auf DeutschSlack ヘルプセンターが複数言語で閲覧できるようになりました!日本語ページへ切り替え¡Buenas noticias! El centro de ayuda de Slack ya está disponible en varios idiomas. Continúa leyendo en español
