Skip to content
Last9
Book demo

Receive Alert Notifications via Flock

Setup Flock integration and receive alert notifications from Last9.

Getting started

Last9 can send alert notifications and resolutions to Flock, a team messaging platform. This document provides step-by-step instructions on how to set up Flock integration with Last9 and start receiving alert notifications.

Setting up an Incoming Webhook in Flock

  1. Navigate to the Flock Developer Dashboard and sign in with your Flock account

  2. Click Webhooks in the left navigation menu

  3. Click Add next to Incoming Webhook

    Flock webhooks page

  4. Configure your webhook:

    • Select the Channel where you want alert notifications to be posted
    • Give the webhook a descriptive Name (e.g., “Last9 Alerts”)
    • Optionally, set an Icon for the webhook messages

    Flock webhook configuration

  5. Click Save and Generate URL

  6. Copy the generated webhook URL from the success dialog

    Flock webhook URL generated

  7. Your webhook will now appear under Manage Webhooks

    Flock webhook saved

Setting up a notification channel in Last9

  1. In Notification Channels, click Add to create a new channel

    Notification channels list

  2. Provide the following details:

    • Channel Name: A descriptive name to easily identify the channel (e.g., “Flock Production Alerts”)
    • Channel: Select Webhook from the dropdown
    • Webhook URL: Paste the Flock webhook URL copied from the previous step
    • Send Resolved: Enable this option if you want to be notified when an alert has been resolved

    Add Flock webhook channel

  3. Click Save to enable the channel

Assigning a notification channel to an alert group

  1. Navigate to your Alert Group in Alert Studio

  2. Click on the notification channel icons at the top of the alert group to configure notifications

    Alert Studio notification icons

  3. Select your Flock channel from the Webhook dropdown under either Channels for Threat Notification or Channels for Breach Notification

    Select Flock channel for alerts

Flock Notification Format

Last9 sends notifications to Flock using FlockML, which provides rich formatting.

Trigger Notifications

When an alert is triggered, the notification includes:

FieldDescription
Header🚨 TRIGGER: {severity icon} {summary}
SeverityBREACH or THREAT (uppercase)
ComponentThe affected component or service
ClassType of alert (e.g., Static Threshold, SLO Breach)
TimestampWhen the alert was triggered (e.g., “Jan 15, 2024 at 10:30 UTC”)
Custom DetailsAdditional context like service, environment, error rates
InspectLink to “View in Last9”

Resolved Notifications

When an alert is resolved (requires Send Resolved to be enabled), the notification includes:

FieldDescription
Header✅ RESOLVED: {summary}
StatusRESOLVED
Original SeverityThe severity when the alert was triggered
ComponentThe affected component or service
Original TimestampWhen the alert was originally triggered
Custom DetailsContext from the original alert
InspectLink to “View in Last9”

Severity Indicators

SeverityIconDescription
Breach🔴 Red circleCritical alerts requiring immediate attention
Threat🟠 Orange circleWarning alerts indicating potential issues

JSON Payload Format (Opt-in)

By default, Last9 sends Flock notifications using FlockML — a rich text format that works out of the box with no configuration needed.

Teams that want to customize how alert notifications appear in Flock (add, remove, or reformat fields) can opt into receiving a JSON attachments payload instead. This gives full control over the message layout using Flock’s incoming webhook attachments API.

Enabling JSON format

Add the header X-Last9-Payload-Format: json to your notification channel’s Webhook Headers.

  1. In Notification Channels, open your Flock channel

  2. Under Webhook Headers, add:

    Header nameValue
    X-Last9-Payload-Formatjson

  3. Click Save

JSON payload structure

When opted in, Last9 sends a payload of this shape:

{
  "text": "🚨 TRIGGER: 🔴 High Error Rate on API Service",
  "attachments": [
    {
      "title": "🚨 TRIGGER: 🔴 High Error Rate on API Service",
      "color": "#E53935",
      "views": {
        "flockml": "<b>Severity:</b> BREACH<br/><b>Component:</b> api-gateway<br/><b>Timestamp:</b> Jan 15, 2024 at 10:30 UTC"
      },
      "buttons": [
        {
          "name": "View in Last9",
          "action": {
            "type": "openBrowser",
            "url": "https://app.last9.io/alerts/12345"
          }
        }
      ]
    }
  ]
}

Color coding

SeverityColorHex
BreachRed#E53935
ThreatOrange#FB8C00
ResolvedGreen#43A047
DefaultBlue#1976D2

Terraform example with JSON opt-in

resource "last9_notification_channel" "flock_json" {
  name          = "flock-production-alerts-json"
  type          = "webhook"
  destination   = "https://api.flock.com/hooks/sendMessage/YOUR-WEBHOOK-TOKEN"
  send_resolved = true


  webhook_headers = {
    "X-Last9-Payload-Format" = "json"
  }
}

Using Terraform

You can also create the Flock notification channel using the Last9 Terraform Provider:

resource "last9_notification_channel" "flock" {
  name          = "flock-production-alerts"
  type          = "webhook"
  destination   = "https://api.flock.com/hooks/sendMessage/YOUR-WEBHOOK-TOKEN"
  send_resolved = true
}

Troubleshooting

Notifications not appearing in Flock

  1. Verify the webhook URL is correct and starts with https://api.flock.com/hooks/
  2. Check that the webhook is still active in the Flock Developer Dashboard
  3. Ensure the channel selected for the webhook still exists

Messages are not formatted correctly

Last9 auto-detects Flock webhooks based on the URL pattern. Ensure your webhook URL contains api.flock.com or flock.co.

Please get in touch with us on Discord or Email if you have any questions.