Introduction
In this blog post, you will learn how to use IBM Storage Insights to send notifications in real-time to your Slack channel when it detects a potential Ransomware attack across storage systems that it monitors.
What is IBM Storage Insights?
IBM Storage Insights (SI) is a software-as-a-service (SaaS) solution designed to help organizations manage their storage environments more efficiently and effectively. It provides a unified dashboard for monitoring and managing various storage systems from IBM and other vendors, including IBM block and file storage, object storage, and virtualization systems. It is built as a cloud-native application composed of a collection of micro services running in a cloud-native environment.
Storage systems running on customer's datacentre provide their performance and configuration data periodically to SI where they are processed. The SI GUI offers many functionalities, some of the key features are:
- Real-time performance monitoring: Get visibility into the health and performance of storage systems, including metrics like latency, throughput, and capacity utilization.
- Predictive analytics: Leverage machine learning algorithms to predict potential issues before they become problems, reducing downtime and improving overall system reliability.
- Ransomware Threat detection. Get alerts about potential ransomware attacks across various IBM Storage Virtualize and IBM Storage FlashSystem products.
Alerts for Ransomware threat detection
When a ransomware threat is detected, email alerts are sent to the designated email addresses. And, within IBM Storage Insights Pro, you can monitor these alerts by going to either of these pages:
- IBM Storage Insights tenant level:
- IBM Storage Insights tenant level:
Instead of constantly checking the Storage Insights UI or your email for alerts, wouldn't it be nice if Storage Insights could send notifications to your Slack channel if a potential Ransomware attack is detected?
To send notifications to a Slack channel, we need to give Storage Insights the information about that channel through a Slack Webhook URL.
To get a Slack Webhook URL of your Slack channel, go to Using Webhooks in Slack API, then create your Slack app.
After creating a Slack app, click the app and navigate to the page:
- Add features and functionality > Incoming Webhooks > Activate Incoming Webhooks > Add New Webhook to Workspace.
Go back to Integrations page in Storage Insights. Copy the Webhook URL you have just created and paste it into the box Webhook URL.
Click on Test Webhook button. A dummy Ransomware alert will be sent to the Slack channel.
#Highlights#Highlights-home