search
Knowledge BaseRelease NotesRequest Demo

Notion Logs

Panther supports receiving Notion logs directly via webhook

hashtag
Overview

Panther ingests Notion audit logs through an HTTP Source, which receives events from a Notion connection. Learn more on Notion's documentation for adding security and compliance integrationsarrow-up-right.

circle-exclamation

This integration is only available to customers of Notion's Enterprise planarrow-up-right.

hashtag
Video overview

hashtag
How to onboard Notion logs to Panther

hashtag
Prerequisites

  • To successfully complete Step 2 below, your Notion user must have the Workspace owner role.

hashtag
Step 1: Create a new Notion source in Panther

  1. In the left-side navigation bar of your Panther Console, click Configure > Log Sources.

  2. Click Create New.

  3. Search for “Notion,” then click its tile.

    • In the slide-out panel, the Transport Mechanism dropdown in the upper-right corner will be pre-populated with the HTTP option.

  4. Click Start Setup. On the Notion log source setup page in the Panther Console, there is a "Transport Mechanism" dropdown with a value of "HTTP." To its right is a "Start Setup" button, and both are circled.

  5. Follow Panther's instructions for configuring an HTTP Source, beginning at Step 5.

    • The Schemas - Optional field will be pre-populated with the Notion schema(s).

    • You will be required to use HMAC authentication. This is the only method of authentication Notion supports.

      • The Header Name associated with your Secret Key Value will be locked with a value of x-notion-signature.

      • Be sure to securely copy your Secret Key Value, and store it in a safe location, as you will need it in the next step.

    • Payloads sent to this source are subject to the payload requirements for all HTTP sources.

    • Do not proceed to the next step until the creation of your HTTP endpoint has completed.

hashtag
Step 2: Create a new Panther Connection in Notion

Learn more about this process on Notion's documentation for adding security and compliance integrationsarrow-up-right.

  1. From the left-side navigation bar of your Notion tenant, click Settings.

  2. Under the Integrations section, click Connections.

  3. Click the Workspace tab.

  4. Find Panther and click Connect.

  5. In the popup modal, provide values for the following fields:

    • Webhook URL: Enter the HTTP Source URL you generated in Step 1.

    • Token: Enter the Secret Key Value you used in Step 1.

  6. Click Connect.

hashtag
Panther-managed detections

See Panther-managedarrow-up-right rules for Notion in the panther-analysis GitHub repositoryarrow-up-right.

hashtag
Supported log types

hashtag
Notion.AuditLogs

Notion.AuditLogs provide visibility into changes made to Notion workspaces.

PreviousNginx LogsNextOkta Logs

Last updated

Was this helpful?