Notification Channels
Control Zero can send governance alerts to multiple channels simultaneously. Configure which channels receive alerts and at what severity level from the Settings > Notifications page.
Available Channels
Slack
Post alerts to a Slack channel via an incoming webhook.
Configuration fields:
- Webhook URL -- Create an incoming webhook in your Slack workspace at api.slack.com/messaging/webhooks and paste the URL here.
- Channel -- The target channel (e.g.
#alerts). This is informational; the webhook determines the actual destination.
Alerts are sent as rich Slack attachments with color-coded severity.
Telegram
Receive alerts via a Telegram bot.
Configuration fields:
- Bot Token -- Create a bot via @BotFather and use the token it provides.
- Chat ID -- The chat or group ID where alerts should be sent. Use @userinfobot to find your chat ID.
Discord
Post alerts to a Discord channel via webhook. Alerts are sent as rich embeds with color-coded severity.
Configuration fields:
- Webhook URL -- Create a webhook in your Discord server under Channel Settings > Integrations > Webhooks.
Discord rate limits apply (5 requests per 2 seconds per webhook). The system respects these limits.
Email (via Resend)
Send alert emails to one or more recipients via the Resend API.
Configuration fields:
- Email Addresses -- Comma-separated list of recipient email addresses (e.g.
ops@yourcompany.com, security@yourcompany.com).
Emails are sent from alerts@controlzero.ai with HTML formatting. The subject line includes the alert severity level.
Server-side requirement: The RESEND_API_KEY environment variable must be set on the backend for email delivery to work.
Webhook (Generic)
POST a JSON payload to any HTTP endpoint. Useful for integrating with custom alerting systems, PagerDuty, Opsgenie, or any service that accepts webhooks.
Configuration fields:
- Endpoint URL -- The full URL where alert payloads will be POSTed.
- Signing Secret (optional) -- If provided, every request includes an
X-CZ-Signatureheader containing an HMAC-SHA256 hex digest of the request body, computed with this secret.
Payload format:
{
"event": "alert",
"level": "error",
"title": "Policy Violation Detected",
"message": "Agent attempted to call blocked tool: execute_shell",
"service": "control-zero",
"timestamp": "2026-04-11T14:30:00Z",
"metadata": {
"organization_id": "...",
"project_id": "..."
}
}
Signature verification (pseudocode):
import hmac, hashlib
expected = hmac.new(
key=signing_secret.encode(),
msg=request_body,
digestmod=hashlib.sha256
).hexdigest()
assert expected == request.headers["X-CZ-Signature"]
Webhook requests have a 5-second timeout and do not retry on failure.
Alert Levels
Each channel can be configured with a minimum alert level. Only alerts at or above the configured level are sent to that channel.
| Level | Description |
|---|---|
| Debug | Verbose diagnostic events |
| Info | Routine operational events |
| Warning | Conditions that may require attention |
| Error | Failures that need investigation |
| Critical | Urgent issues requiring immediate action |
Tier Availability
| Channel | Free | Solo | Teams |
|---|---|---|---|
| Telegram | Yes | Yes | Yes |
| Slack | -- | Yes | Yes |
| -- | Yes | Yes | |
| Discord | -- | Yes | Yes |
| Webhook | -- | Yes | Yes |
Testing Notifications
Each channel has a "Send test notification" button in the settings page. Use this to verify your configuration is correct before relying on it for production alerts.