Sinks

Playbooks results (findings) can be sent to one or more sinks (destinations). Findings will be automatically formatted in a way that makes sense for each sink.

Supported sinks

The following sinks are supported:

• Slack - send playbooks results to a Slack channel

• Robusta UI - send playbooks results to Robusta's web UI

• MS teams - send playbooks results to an MS Teams channel webhook.

• Kafka - send playbooks results to a Kafka topic

• DataDog - send playbooks results to the Datadog events API

• Opsgenie - send playbooks results to the OpsGenie alerts API

• Telegram - send playbooks results to Telegram group or private conversation

• Webhook - send playbooks results to a webhook

• VictorOps - send playbooks results to the VictorOps alerts API

• PagerDuty - send playbooks results to the PagerDuty alerts API

• Discord - send playbooks results to the Discord using webhook

• Mattermost - send playbooks results to the Mattermost using webhook

Need support for something not listed here? Tell us and we'll add it to the code.

See Defining additional sinks for more details

Sending Findings to Specific Sinks

A sink can be configured to receive only certain findings. For example, you can send notifications to different Slack channels depending on the namespace:

sinksConfig:
- slack_sink:
    name: slack_app_sink
    slack_channel: app-notifications
    api_key: secret-key
    match:
      namespace:
      - app
- slack_sink:
    name: slack_system_sink
    slack_channel: system-notifications
    api_key: secret-key
    match:
      namespace:
      - kube-system

See Sink matchers for more details.

Default sinks

If a playbook doesn't specify a sink then output will be sent to the default sinks. A sink is considered default if it has the field default: true in the YAML.