Skip to main content
TealTiger can send real-time alerts when governance events occur — policy violations, budget thresholds, high-risk decisions, or circuit breaker trips. Route them to Slack, Discord, Teams, or any webhook endpoint.

Quick Start

import { TealTiger } from 'tealtiger';

const teal = new TealTiger({
  policies: { /* ... */ },
  webhooks: {
    slack: {
      url: process.env.SLACK_WEBHOOK_URL,
      events: ['decision.denied', 'budget.threshold', 'circuit.open'],
    }
  }
});

Slack

Step 1: Create a Slack Webhook

  1. Go to api.slack.com/apps and create a new app
  2. Enable Incoming Webhooks
  3. Add a webhook to your desired channel
  4. Copy the webhook URL

Step 2: Configure TealTiger

const teal = new TealTiger({
  policies: {
    budget: { maxCostPerDay: 100.00 },
    security: { detectPII: true },
  },
  webhooks: {
    slack: {
      url: process.env.SLACK_WEBHOOK_URL,
      channel: '#ai-governance',
      events: ['decision.denied', 'budget.threshold', 'circuit.open'],
      // Only alert on high-risk events
      filter: {
        minRiskScore: 70,
      },
      // Rate limit: max 10 alerts per minute
      rateLimit: {
        maxPerMinute: 10,
      },
    }
  }
});

Slack Message Format

TealTiger sends rich Slack messages with Block Kit formatting: 
{
  "blocks": [
    {
      "type": "header",
      "text": { "type": "plain_text", "text": "🚨 Policy Violation Detected" }
    },
    {
      "type": "section",
      "fields": [
        { "type": "mrkdwn", "text": "*Decision:*\nDENY" },
        { "type": "mrkdwn", "text": "*Risk Score:*\n85/100" },
        { "type": "mrkdwn", "text": "*Reason:*\nBUDGET_EXCEEDED" },
        { "type": "mrkdwn", "text": "*Policy:*\nbudget.daily.v1" }
      ]
    },
    {
      "type": "context",
      "elements": [
        { "type": "mrkdwn", "text": "Provider: openai | Model: gpt-4 | Cost: $0.12" }
      ]
    }
  ]
}

Discord

Step 1: Create a Discord Webhook

  1. Go to your Discord server settings
  2. Navigate to IntegrationsWebhooks
  3. Click New Webhook, choose a channel, and copy the URL

Step 2: Configure TealTiger

const teal = new TealTiger({
  policies: { /* ... */ },
  webhooks: {
    discord: {
      url: process.env.DISCORD_WEBHOOK_URL,
      events: ['decision.denied', 'budget.threshold'],
      username: 'TealTiger Bot',
    }
  }
});

Discord Message Format

TealTiger sends Discord embeds: 
{
  "username": "TealTiger Bot",
  "embeds": [{
    "title": "🚨 Policy Violation Detected",
    "color": 15158332,
    "fields": [
      { "name": "Decision", "value": "DENY", "inline": true },
      { "name": "Risk Score", "value": "85/100", "inline": true },
      { "name": "Reason", "value": "BUDGET_EXCEEDED", "inline": true },
      { "name": "Policy", "value": "budget.daily.v1", "inline": true }
    ],
    "footer": { "text": "TealTiger Governance" },
    "timestamp": "2026-03-22T10:30:00Z"
  }]
}

Microsoft Teams

const teal = new TealTiger({
  policies: { /* ... */ },
  webhooks: {
    teams: {
      url: process.env.TEAMS_WEBHOOK_URL,
      events: ['decision.denied', 'budget.threshold'],
    }
  }
});

Custom Webhook

Send alerts to any HTTP endpoint. 
const teal = new TealTiger({
  policies: { /* ... */ },
  webhooks: {
    custom: [{
      url: 'https://your-api.example.com/tealtiger-alerts',
      method: 'POST',
      headers: {
        'Authorization': `Bearer ${process.env.WEBHOOK_TOKEN}`,
        'Content-Type': 'application/json',
      },
      events: ['decision.denied', 'budget.threshold', 'circuit.open'],
      // Retry on failure
      retry: {
        maxRetries: 3,
        backoffMs: 1000,
      },
    }]
  }
});

Custom Webhook Payload

{
  "event": "decision.denied",
  "timestamp": "2026-03-22T10:30:00.000Z",
  "decision": {
    "action": "DENY",
    "reason_codes": ["BUDGET_EXCEEDED"],
    "risk_score": 85,
    "policy_id": "budget.daily.v1",
    "mode": "ENFORCE"
  },
  "context": {
    "provider": "openai",
    "model": "gpt-4",
    "estimated_cost": 0.12,
    "correlation_id": "req-abc-123"
  }
}

Available Events

EventDescriptionWhen it fires
decision.deniedA request was blockedPolicy denies a request
decision.transformedA request was modifiedPII redacted, model downgraded, etc.
budget.thresholdBudget threshold reached80%, 90%, 100% of budget consumed
budget.exceededBudget limit hitDaily/monthly budget exceeded
circuit.openCircuit breaker trippedProvider failure threshold reached
circuit.closeCircuit breaker recoveredProvider recovered after cooldown
pii.detectedPII found in requestSensitive data detected
injection.detectedPrompt injection attemptPotential prompt injection blocked

Configuration Options

OptionTypeDefaultDescription
urlstringrequiredWebhook endpoint URL
eventsstring[]all eventsWhich events to send
filter.minRiskScorenumber0Only alert above this risk score
filter.modesstring[]all modesOnly alert for these policy modes
rateLimit.maxPerMinutenumber60Max alerts per minute
retry.maxRetriesnumber3Retry attempts on failure
retry.backoffMsnumber1000Initial backoff between retries

Next Steps

Datadog / Splunk

SIEM integration via OTLP

OpenTelemetry

Core telemetry export

Audit Schema

Full audit event format

All Integrations

View all integrations