Notifications
Notifications
Table of Contents
- Overview
- Configuration Overview
- Global Examples
- Service Examples
- Amazon SES
- Amazon SNS
- Bark
- DingTalk (DingDing)
- Discord
- FCM
- Google Chat
- HTTP Webhooks
- Lark
- Line
- Line Notify
- Mail (SMTP)
- Mailgun
- Matrix
- Mattermost
- Microsoft Teams
- PagerDuty
- Plivo
- Pushbullet
- Pushbullet SMS
- Pushover
- Rocket.Chat
- SendGrid
- Slack
- Syslog
- Telegram
- TextMagic
- Twilio
- Viber
- Web Push
- Custom Templates
- Notes
Overview
Sliver can send server event notifications via the github.com/nikoksr/notify services. Notifications are configured in server.yaml under the notifications block (located at ~/.sliver/configs/server.yaml by default).
Notifications are disabled by default. Enable them globally, then enable one or more services. You can optionally filter which events are sent globally or per-service.
Configuration Overview
notifications.enabled- Master switch for notifications.notifications.events- Optional list of event types to send. Empty means all events.notifications.services.<service>.enabled- Enable a specific service.notifications.services.<service>.events- Optional per-service event filter. If empty, the global list is used.- Any string field can reference an environment variable by using
$ENV_VARor${ENV_VAR}.
Global Examples
Example: Slack + Telegram with Event Filters
notifications:
enabled: true
events:
- session-connected
- session-disconnected
services:
slack:
enabled: true
api_token: "$SLIVER_SLACK_TOKEN"
channels:
- "C0123456789"
telegram:
enabled: true
api_token: "$SLIVER_TELEGRAM_TOKEN"
chat_ids:
- "123456789"
events:
- session-connected
Example: HTTP Webhooks + Syslog
notifications:
enabled: true
services:
http:
enabled: true
urls:
- "https://hooks.example.com/sliver"
webhooks:
- url: "https://hooks.example.com/sliver-auth"
method: "POST"
content_type: "application/json"
headers:
Authorization: "$SLIVER_WEBHOOK_TOKEN"
syslog:
enabled: true
priority: "info"
network: "udp"
address: "127.0.0.1:514"
tag: "sliver"
Service Examples
Each example below shows the service-specific block under notifications.services. All examples assume notifications.enabled: true.
Amazon SES
services:
amazon_ses:
enabled: true
access_key_id: "$AWS_ACCESS_KEY_ID"
secret_key: "$AWS_SECRET_ACCESS_KEY"
region: "us-east-1"
sender_address: "alerts@example.com"
receivers:
- "ops@example.com"
Amazon SNS
services:
amazon_sns:
enabled: true
access_key_id: "$AWS_ACCESS_KEY_ID"
secret_key: "$AWS_SECRET_ACCESS_KEY"
region: "us-east-1"
receivers:
- "https://sns.us-east-1.amazonaws.com/123456789012/my-topic"
Bark
services:
bark:
enabled: true
device_key: "$BARK_DEVICE_KEY"
servers:
- "https://api.day.app/"
DingTalk (DingDing)
services:
dingding:
enabled: true
token: "$DINGDING_TOKEN"
secret: "$DINGDING_SECRET"
Discord
services:
discord:
enabled: true
token: "$DISCORD_BOT_TOKEN"
token_type: "bot" # bot (default) or oauth
channels:
- "123456789012345678"
FCM
services:
fcm:
enabled: true
credentials_file: "/path/to/firebase.json"
project_id: "my-firebase-project"
device_tokens:
- "$FCM_DEVICE_TOKEN"
Google Chat
services:
google_chat:
enabled: true
credentials_file: "/path/to/google-chat.json"
spaces:
- "AAAA1234567"
HTTP Webhooks
services:
http:
enabled: true
urls:
- "https://hooks.example.com/sliver"
webhooks:
- url: "https://hooks.example.com/sliver-auth"
method: "POST"
content_type: "application/json"
headers:
Authorization: "$SLIVER_WEBHOOK_TOKEN"
Lark
services:
lark:
enabled: true
webhook:
url: "$LARK_WEBHOOK_URL"
custom_app:
app_id: "$LARK_APP_ID"
app_secret: "$LARK_APP_SECRET"
receivers:
- type: "open_id"
id: "ou_1234567890abcdef"
Line
services:
line:
enabled: true
channel_secret: "$LINE_CHANNEL_SECRET"
channel_access_token: "$LINE_CHANNEL_ACCESS_TOKEN"
receivers:
- "U1234567890abcdef"
Line Notify
services:
line_notify:
enabled: true
receivers:
- "$LINE_NOTIFY_TOKEN"
Mail (SMTP)
services:
mail:
enabled: true
sender_address: "alerts@example.com"
smtp_host: "smtp.example.com:587"
smtp_identity: ""
smtp_username: "$SMTP_USER"
smtp_password: "$SMTP_PASSWORD"
smtp_auth_host: "smtp.example.com"
body_type: "plain" # plain or html
receivers:
- "ops@example.com"
Mailgun
services:
mailgun:
enabled: true
domain: "mg.example.com"
api_key: "$MAILGUN_API_KEY"
sender_address: "alerts@mg.example.com"
receivers:
- "ops@example.com"
Matrix
services:
matrix:
enabled: true
user_id: "@bot:matrix.example"
room_id: "!roomid:matrix.example"
home_server: "https://matrix.example"
access_token: "$MATRIX_ACCESS_TOKEN"
Mattermost
services:
mattermost:
enabled: true
url: "https://mattermost.example.com"
login_id: "$MM_LOGIN_ID"
password: "$MM_PASSWORD"
channels:
- "channel-id"
Microsoft Teams
services:
msteams:
enabled: true
webhooks:
- "$MSTEAMS_WEBHOOK"
wrap_text: true
disable_webhook_validation: false
user_agent: "sliver-notify"
PagerDuty
services:
pagerduty:
enabled: true
token: "$PAGERDUTY_TOKEN"
from_address: "alerts@example.com"
receivers:
- "P123456"
notification_type: "incident"
urgency: "high"
priority_id: "PQ123456"
Plivo
services:
plivo:
enabled: true
auth_id: "$PLIVO_AUTH_ID"
auth_token: "$PLIVO_AUTH_TOKEN"
source: "+15551234567"
callback_url: "https://example.com/plivo"
callback_method: "POST"
receivers:
- "+15557654321"
Pushbullet
services:
pushbullet:
enabled: true
api_token: "$PUSHBULLET_TOKEN"
device_nicknames:
- "MyPhone"
Pushbullet SMS
services:
pushbullet_sms:
enabled: true
api_token: "$PUSHBULLET_TOKEN"
device_nickname: "MyPhone"
phone_numbers:
- "+15557654321"
Pushover
services:
pushover:
enabled: true
app_token: "$PUSHOVER_APP_TOKEN"
recipients:
- "$PUSHOVER_USER_KEY"
services:
reddit:
enabled: true
client_id: "$REDDIT_CLIENT_ID"
client_secret: "$REDDIT_CLIENT_SECRET"
username: "$REDDIT_USERNAME"
password: "$REDDIT_PASSWORD"
recipients:
- "target_user"
Rocket.Chat
services:
rocketchat:
enabled: true
server_url: "chat.example.com"
scheme: "https"
user_id: "$ROCKETCHAT_USER_ID"
token: "$ROCKETCHAT_TOKEN"
channels:
- "#ops"
SendGrid
services:
sendgrid:
enabled: true
api_key: "$SENDGRID_API_KEY"
sender_address: "alerts@example.com"
sender_name: "Sliver"
receivers:
- "ops@example.com"
Slack
services:
slack:
enabled: true
api_token: "$SLIVER_SLACK_TOKEN"
channels:
- "C0123456789"
Syslog
services:
syslog:
enabled: true
priority: "info"
network: "udp"
address: "127.0.0.1:514"
tag: "sliver"
Telegram
services:
telegram:
enabled: true
api_token: "$SLIVER_TELEGRAM_TOKEN"
chat_ids:
- "123456789"
parse_mode: "HTML"
TextMagic
services:
textmagic:
enabled: true
username: "$TEXTMAGIC_USER"
api_key: "$TEXTMAGIC_API_KEY"
phone_numbers:
- "+15557654321"
Twilio
services:
twilio:
enabled: true
account_sid: "$TWILIO_ACCOUNT_SID"
auth_token: "$TWILIO_AUTH_TOKEN"
from_number: "+15551234567"
phone_numbers:
- "+15557654321"
services:
twitter:
enabled: true
consumer_key: "$TWITTER_CONSUMER_KEY"
consumer_secret: "$TWITTER_CONSUMER_SECRET"
access_token: "$TWITTER_ACCESS_TOKEN"
access_token_secret: "$TWITTER_ACCESS_TOKEN_SECRET"
recipients:
- "1234567890"
Viber
services:
viber:
enabled: true
app_key: "$VIBER_APP_KEY"
sender_name: "Sliver"
sender_avatar: "https://example.com/avatar.png"
webhook_url: "https://example.com/viber-webhook"
receivers:
- "viber-user-id"
Web Push
services:
webpush:
enabled: true
vapid_public_key: "$WEBPUSH_PUBLIC_KEY"
vapid_private_key: "$WEBPUSH_PRIVATE_KEY"
subscriptions:
- endpoint: "https://push.example.com/123"
keys:
p256dh: "$WEBPUSH_P256DH"
auth: "$WEBPUSH_AUTH"
services:
wechat:
enabled: true
app_id: "$WECHAT_APP_ID"
app_secret: "$WECHAT_APP_SECRET"
token: "$WECHAT_TOKEN"
encoding_aes_key: "$WECHAT_AES_KEY"
receivers:
- "wechat-user-id"
services:
whatsapp:
enabled: true
receivers:
- "whatsapp-contact"
Custom Templates
You can render notification messages using Go templates with either template/text or template/html. Templates are loaded from:
<app dir>/notifications/templates/
By default this is ~/.sliver/notifications/templates/. Only a filename is allowed (no path separators) and .. is rejected to prevent path traversal.
Configure per-event templates under notifications.templates:
notifications:
enabled: true
templates:
session-connected:
type: "text" # text (default) or html
template: "session.tmpl"
session-disconnected:
type: "html"
template: "session.html"
Template data available:
.EventType.Session.Beacon.Job.Client.Error.DefaultSubject.DefaultMessage.Timestamp(UTC)
Example session.tmpl (text):
{{ .DefaultSubject }}
Event: {{ .EventType }}
Host: {{ if .Session }}{{ .Session.Hostname }}{{ end }}
User: {{ if .Session }}{{ .Session.Username }}{{ end }}
Example session.html (html):
<h3>{{ .DefaultSubject }}</h3>
<p>Event: {{ .EventType }}</p>
<p>Host: {{ if .Session }}{{ .Session.Hostname }}{{ end }}</p>
<p>User: {{ if .Session }}{{ .Session.Username }}{{ end }}</p>
Notes
- Environment variable expansion only applies to string fields (API keys, tokens, URLs, etc.).
- If a service configuration is incomplete, that service is skipped and the server continues without it.