L2 Support Engineer · Fintech · Week 5
Week 5
Day 3
Day 4
Week 5 · Day 3 & Day 4
Slack Alerts &
WhatsApp Alerts
When something breaks on your server, you should not have to be staring at a screen to find out. Today you set up real alerts that ping you automatically — on Slack and WhatsApp.
Day 3 — Slack Webhook
Day 4 — WhatsApp API
WebhookBash Script
Cloud APIAutomation
Day 3
Slack Alerts — Webhook Integration
01 The Simple Idea
Real-life Analogy
Think of a webhook like a doorbell connected to your phone. When someone rings the doorbell at your house, your phone rings — no matter where you are.
A Slack webhook is the same thing. When your script detects an error, it rings the Slack doorbell. Slack instantly sends a message to your team channel. Everyone is notified — no one has to keep watching a screen.
What is a Webhook?
A webhook is just a URL (web address) that accepts messages. Slack gives you a special URL. When your script sends data to that URL, Slack automatically posts a message to your chosen channel. No login needed — just send to the URL and it works.
Think of it as Slack's inbox address. You drop a letter into it (your alert message) and it appears in your channel instantly.
02 Full Setup — Step by Step
a
Go to slack.com and click "Create a new workspace"
b
Enter your email address and verify it
c
Give your workspace a name — e.g. "L2-Monitoring"
d
Create a channel — e.g. #server-alerts — this is where your alerts will appear
💡 The free Slack plan is enough for this. You just need a workspace and one channel.
a
Go to api.slack.com/apps in your browser
b
Click "Create New App" → choose "From scratch"
c
Name your app — e.g. "L2 Alert Bot" — then select your workspace
d
On the left menu click "Incoming Webhooks"
e
Toggle the switch to "On"
f
Scroll down and click "Add New Webhook to Workspace"
g
Choose the channel — select #server-alerts — then click "Allow"
h
You will now see a Webhook URL that looks like this:
Your webhook URL will look like this
SLACK_WEBHOOK_URL=YOUR_SLACK_WEBHOOK_HERE
⚠️ Copy this URL and save it somewhere safe. This is your webhook. Anyone with this URL can post to your channel — keep it private. Never share it publicly.
Before writing a script, test that your webhook actually works. Open your Kali terminal and run this command — replace the URL with your actual webhook URL.
Kali terminal — paste and run this
curl -X POST -H 'Content-type: application/json' \
--data '{"text": "Test alert from Kali Linux. Webhook is working!"}' \
https://hooks.slack.com/services/YOUR/WEBHOOK/URL
What you will see
Terminal shows: ok
Slack channel shows: "Test alert from Kali Linux. Webhook is working!"
If you see ok in terminal but nothing in Slack — double check the URL and the channel name.
Now create this script on your Kali machine. It reads the log, counts errors, and sends a Slack message if errors are found.
slack-alert.sh — write this exactly
#!/bin/bash
# =============================================
# slack-alert.sh
# Checks log for errors and sends Slack alert
# Replace WEBHOOK_URL with your actual URL
# =============================================
WEBHOOK_URL="https://hooks.slack.com/services/YOUR/WEBHOOK/URL"
LOG_FILE="$HOME/payment-service.log"
ERROR_LIMIT=3
SERVER_NAME="Payment-Server-01"
# Check log file exists
if [ ! -f "$LOG_FILE" ]; then
echo "Log not found."; exit 1
fi
# Count errors
ERROR_COUNT=$(grep -c "ERROR" "$LOG_FILE")
TIMESTAMP=$(date)
# Only send alert if errors exceed limit
if [ "$ERROR_COUNT" -gt "$ERROR_LIMIT" ]; then
MESSAGE="🚨 *ALERT — $SERVER_NAME*\n> Errors found: *$ERROR_COUNT*\n> Time: $TIMESTAMP\n> Log: $LOG_FILE"
curl -s -X POST -H 'Content-type: application/json' \
--data "{\"text\": \"$MESSAGE\"}" \
"$WEBHOOK_URL"
echo "Slack alert sent: $ERROR_COUNT errors"
else
echo "No alert needed. Errors: $ERROR_COUNT"
fi
1
Open vi: vi ~/slack-alert.sh — press i to edit — paste the script above — replace YOUR/WEBHOOK/URL
2
Press Esc → type :wq → press Enter to save
3
Give permission: chmod +x ~/slack-alert.sh
4
Run it: ./slack-alert.sh
What you will see
Terminal: Slack alert sent: 4 errors
Slack channel #server-alerts: 🚨 ALERT — Payment-Server-01 / Errors found: 4 / Time: [timestamp]
terminal — add cron job
# Open crontab
crontab -e
# Add this line — runs every 30 minutes
*/30 * * * * /home/kali/slack-alert.sh >> /home/kali/slack-cron.log 2>&1
# Save and exit (:wq) then confirm:
crontab -l
✅ From now on — every 30 minutes the script checks the log automatically. If errors are above 3, you get a Slack message. No manual checking needed.
Day 4
WhatsApp Alerts — Cloud API Templates
03 The Simple Idea
Real-life Analogy
WhatsApp is already on everyone's phone — team members, managers, clients. Sending a WhatsApp alert is like having your server send you a text message directly.
Instead of opening a new tool, the alert lands where people already are. When an outage happens at 2 AM, a WhatsApp ping on the manager's phone is far more effective than an email sitting unread until morning.
How WhatsApp Business API Works
WhatsApp has a Business API that lets systems send messages programmatically. You cannot use a personal WhatsApp account for this — you need a WhatsApp Business API provider.
The most popular free provider for testing is Twilio — they give you a free WhatsApp sandbox (test number) that lets you send messages without paying anything during testing. For production, your company would use an approved provider.
What are Message Templates?
WhatsApp does not allow you to send freeform messages to people who haven't opted in first. So you use pre-approved message templates. A template is a fixed message format with placeholders — like a form letter. WhatsApp approves the template and then you fill in the variable parts (like the error count or server name) when sending.
Example template: "🚨 Alert: {{server_name}} has {{error_count}} errors at {{time}}. Please investigate."
04 Full Setup — Step by Step (Using Twilio Sandbox)
a
Go to twilio.com and click "Sign Up"
b
Enter your name, email, and password — verify your email
c
Verify your phone number (they send a code via SMS)
d
When asked "What are you building?" select Alerts & Notifications
e
You are now in the Twilio Console. Free trial gives you $15 credit — enough for testing.
a
In the Twilio Console left menu → go to Messaging → Try it out → Send a WhatsApp message
b
You will see a Sandbox number — it looks like: +1 415 523 8886
c
You will also see a join code — e.g. "join example-word"
d
Open WhatsApp on your phone → add the sandbox number as a contact → send it the join code message
e
You will receive a WhatsApp reply confirming you joined the sandbox
💡 The sandbox only works for numbers that have sent the join message. This is how WhatsApp's opt-in requirement works. In production you would have proper approved numbers.
a
In Twilio Console → go to your Account Dashboard
b
Find and copy your Account SID — looks like: ACxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
c
Find and copy your Auth Token — click the eye icon to reveal it
What your credentials look like
Account SID : ACxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Auth Token : your_auth_token_here
From Number : whatsapp:+14155238886 # Twilio sandbox number
To Number : whatsapp:+923XXXXXXXXX # your WhatsApp number with country code
⚠️ Never put your Auth Token directly into a script you share. For this lab it is fine since it is local to your Kali machine. In production, store it as an environment variable.
Before writing the script, test that your credentials work. Run this in your Kali terminal — replace all values with your own.
Kali terminal — manual test
curl -X POST https://api.twilio.com/2010-04-01/Accounts/YOUR_ACCOUNT_SID/Messages.json \
--data-urlencode "From=whatsapp:+14155238886" \
--data-urlencode "To=whatsapp:+923XXXXXXXXX" \
--data-urlencode "Body=Test message from Kali Linux. WhatsApp alert is working!" \
-u YOUR_ACCOUNT_SID:YOUR_AUTH_TOKEN
What you will see
Terminal shows: a JSON response with "status": "queued"
Your WhatsApp shows: "Test message from Kali Linux. WhatsApp alert is working!"
If it says error 21606 — your number has not joined the sandbox yet (Step 2).
whatsapp-alert.sh — write this exactly
#!/bin/bash
# =============================================
# whatsapp-alert.sh
# Detects errors and sends WhatsApp message
# Replace all values marked with YOUR_
# =============================================
ACCOUNT_SID="YOUR_ACCOUNT_SID"
AUTH_TOKEN="YOUR_AUTH_TOKEN"
FROM_NUM="whatsapp:+14155238886"
TO_NUM="whatsapp:+923XXXXXXXXX" # your number
LOG_FILE="$HOME/payment-service.log"
ERROR_LIMIT=3
if [ ! -f "$LOG_FILE" ]; then
echo "Log not found. Run create-sample-log.sh first."; exit 1
fi
ERROR_COUNT=$(grep -c "ERROR" "$LOG_FILE")
TIME=$(date +"%Y-%m-%d %H:%M")
if [ "$ERROR_COUNT" -gt "$ERROR_LIMIT" ]; then
MSG="ALERT: Payment server has $ERROR_COUNT errors at $TIME. Please investigate immediately."
curl -s -X POST \
https://api.twilio.com/2010-04-01/Accounts/$ACCOUNT_SID/Messages.json \
--data-urlencode "From=$FROM_NUM" \
--data-urlencode "To=$TO_NUM" \
--data-urlencode "Body=$MSG" \
-u "$ACCOUNT_SID:$AUTH_TOKEN" > /dev/null
echo "WhatsApp alert sent: $ERROR_COUNT errors"
else
echo "All clear. Errors: $ERROR_COUNT"
fi
1
Open vi: vi ~/whatsapp-alert.sh → press i → paste the script → fill in YOUR_ values
2
Press Esc → :wq → Enter to save
3
chmod +x ~/whatsapp-alert.sh
What you will see
Terminal: WhatsApp alert sent: 4 errors
Your WhatsApp: "ALERT: Payment server has 4 errors at 2024-03-15 14:30. Please investigate immediately."
terminal
crontab -e
# Add this line — WhatsApp alert every hour
0 * * * * /home/kali/whatsapp-alert.sh >> /home/kali/wa-cron.log 2>&1
# Confirm
crontab -l
✅ Now every hour — if errors exceed 3 — a WhatsApp message lands on your phone automatically. You don't have to check anything.
05 Running Both Together
Slack + WhatsApp — The Full Alert System
Once both scripts are set up, you can run them both from one master script. When an error threshold is crossed — Slack notifies the team channel AND WhatsApp pings the on-call engineer's phone.
combined-alerts.sh — runs both
#!/bin/bash
# Runs both alert scripts in sequence
echo "Running alert checks at $(date)"
$HOME/slack-alert.sh
$HOME/whatsapp-alert.sh
echo "Done."
06 Real L2 Scenarios
01
It is 3 AM. The payment service log fills with DB timeouts. Your cron job runs at 3:30 AM — it detects 8 errors, fires the Slack webhook, and sends a WhatsApp. The on-call engineer sees the WhatsApp ping, wakes up, and starts investigating before any client even notices.
02
Your manager asks "Can we set up something so we get a message if payments fail overnight?" You show them the Slack alert already running. You add their number to the WhatsApp script. Problem solved — took 5 minutes.
03
During a quiet day you test the alert by temporarily lowering ERROR_LIMIT to 0. You run the script — Slack gets a message, WhatsApp gets a message. You now know for certain your alert system works. You raise the limit back to 3 and schedule it.
✅ Week 5 · Day 3 & 4 Outcomes
- Explain what a webhook is — a URL that accepts messages and posts them to a channel
- Create a Slack workspace, app, and incoming webhook from scratch
- Send a manual test alert to Slack using curl from the terminal
- Write and run slack-alert.sh — reads the log and sends a Slack message when errors exceed threshold
- Schedule the Slack alert with crontab so it runs automatically every 30 minutes
- Explain how WhatsApp Business API works and why templates are needed
- Create a Twilio account and activate the WhatsApp sandbox
- Send a manual test WhatsApp message from the terminal using curl
- Write and run whatsapp-alert.sh — detects errors and sends a WhatsApp ping
- Schedule the WhatsApp alert with crontab to run every hour automatically