I am sending SecurityHub New findings to a Slack channel; however, the problem is that it is sending the same findings over and over again and it would be very noisy in the channel.
I have tried a way that is mentioned in another post, setting the finding as "Notified" after it has sent the New finding to Slack; however, the next day I saw that the same findings had been sent to Slack again.
After checking the AWS doc, it seems AWS changes the Notified workflow status to New:
https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_Workflow.html
Has anyone found a way to prevent sending duplicate findings?
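An added example, not part of the original post: a de-duplication filter that does not rely on the workflow status staying NOTIFIED, since Security Hub resets NOTIFIED to NEW when a finding's RecordState goes from ARCHIVED to ACTIVE or its Compliance.Status goes from PASSED to FAILED, WARNING or NOT_AVAILABLE. The function name, the `seen` store (a dict standing in for a persistent table), the 7-day re-alert window and the sample events are all assumptions.

```python
import time

REALERT_SECONDS = 7 * 24 * 3600  # assumed re-alert window; tune to your channel


def findings_to_notify(event, seen, now=None, realert=REALERT_SECONDS):
    """Return the findings in one EventBridge event that should go to Slack.

    `seen` maps finding Id -> epoch seconds of the last Slack post. It is a
    dict here; in a Lambda it would be a persistent store (assumption).
    """
    now = time.time() if now is None else now
    out = []
    for f in event.get("detail", {}).get("findings", []):
        if f.get("RecordState") != "ACTIVE":
            continue  # archived findings are never posted
        if f.get("Workflow", {}).get("Status") != "NEW":
            continue  # NOTIFIED / SUPPRESSED / RESOLVED are skipped
        last = seen.get(f["Id"])
        if last is not None and now - last < realert:
            continue  # posted recently, even though the status is NEW again
        seen[f["Id"]] = now
        out.append(f)
    return out


def _finding(fid, status="NEW", record="ACTIVE"):
    # Constructed sample carrying only the ASFF fields the filter reads.
    return {"Id": fid, "Title": "constructed sample",
            "RecordState": record, "Workflow": {"Status": status}}


def demo():
    day = 24 * 3600
    seen = {}
    event = {  # constructed "Security Hub Findings - Imported" event
        "detail-type": "Security Hub Findings - Imported",
        "detail": {"findings": [
            _finding("constructed-finding-1"),
            _finding("constructed-finding-2", status="NOTIFIED"),
        ]},
    }
    first = findings_to_notify(event, seen, now=0)           # first sighting
    second = findings_to_notify(event, seen, now=day)        # status reset to NEW next day
    third = findings_to_notify(event, seen, now=8 * day)     # window has expired
    return [[f["Id"] for f in batch] for batch in (first, second, third)]


if __name__ == "__main__":
    print(demo())
```
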