Supplemental Slack info for you and your team.Tips and tools for beginners and experts alike.Get familiar with Slack Enterprise Grid for large organizations.If you're curious about what's new in Slack — and what's changed — you're in the right place.Develop your skills and prepare to become Slack Certified!Launching a new team or joining one for the first time?
Our easy-to-read guides help your team work better, together, from day one.Ready to level up? Browse our time-saving tricks and practical tips for
making Slack work for you.All kinds of teams thrive with Slack — take a look at our department-specific guides.
More coming soon!Learn how Slack works, from top to bottom!Want to learn more about setting up your team? Look no further!Welcome to Slack! We're so glad you're here. Let's get started!Adjust your profile and preferences to make Slack work just for you!Simplify your daily work with apps and tools.Tips and tools for beginners and experts alike.
Slack is experiencing some connectivity issues — please stand by. Check
Status
Configure audit log anomaly event responses in Slack
In an Enterprise organization, you can use Slack audit logs to monitor usage in your organization. Audit logs include anomaly events, which serve as indicators of potentially unusual or suspicious user and app activity.
How it works
In general, you should consider investigating anomaly events in your audit logs to understand the circumstances of the activity before taking action. However, you can choose to automatically end a user's sessions when an anomaly event is detected to halt the potentially suspicious activity.
If a user's sessions end in response to an anomaly event, they can immediately sign back into Slack using their usual login credentials.
When a user’s session is ended, Org Primary Owners and Security Admins can receive notifications either via email or from the Slack Security bot. The Slack Security bot is a Slack-built app designed to deliver important security notifications.
Tip: Check out the Slack blog for more information on configuring anomaly event responses in Slack.
Configure anomaly event responses
You can configure an anomaly event response if you'd like Slack to automatically end a user's sessions across all devices for the following:
Accessing Slack from a Tor exit node*
Data scraping*
Excessive downloads
Stale or unexpected session cookies
Spoofed user agents
Unexpected API call volume
Unexpected user agents
*Enabled by default
From your desktop, click your organization name in the sidebar.
Hover over Tools & settings, then click Organization settings.
From the left sidebar, select Security, then click Security settings.
Under Anomaly Event Response Settings, click Enable or Edit next to End user sessions automatically.
Click the toggle next to an anomaly event to select it. Check the box next to Exclude specific people or groups to prevent certain users' sessions from being ended when the event is detected.
When a user's active sessions end in response to an anomaly event, they'll receive an email notification from Slack. You can decide whether the Org Primary Owner and Security Admins should also be notified, either by email or a notification from the Slack Security app.
From your desktop, click your organization name in the sidebar.
Hover over Tools & settings, then click Organization settings.
From the left sidebar, select Security, then click Security settings.
Under Anomaly Event Response Settings, click Enable or Edit next to Manage notifications.
Click the toggle next to a notification type, then check or uncheck the box to decide who should receive notifications.
Great news! Our Help Center is available in multiple languages. Switch to EnglishBonne nouvelle ! Le centre d'assistance de Slack est désormais disponible dans plusieurs langues. Poursuivre en FrançaisGute Neuigkeiten! Unser Support-Center gibt es jetzt in mehreren Sprachen! Weiter auf DeutschSlack ヘルプセンターが複数言語で閲覧できるようになりました!日本語ページへ切り替え¡Buenas noticias! El centro de ayuda de Slack ya está disponible en varios idiomas. Continúa leyendo en español
