private
def endpoint
  # URI.parse "https://#{@team}.slack.com/services/hooks/incoming-webhook?token=#{@api_key}"
  URI.parse "https://hooks.slack.com/services/XXXXXXXXX/XXXXXXXXX/XXXXXXXXXXXXXXXXXXXXXXXX"
end

https://slack.com/api/chat.postMessage?token=xoxp-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX-XXXXXX&channel=XXXXXXXXX&text=XXXXX&username=XXXXX'

<source>
  type tail
  path /var/log/secure
  format syslog
  tag secure_log
  pos_file /var/log/td-agent/syslog_secure.pos
</source>

<match secure_log.**>
  type grep
  input_key message
  regexp Accepted|failure|Invalid
  add_tag_prefix greped
</match>

<match greped.**>
  type buffered_slack
  api_key API_KEY
  team TEAMNAME
  channel %23general # You should use %23 in return for #
  username fluentd
  color danger
  icon_emoji :shit:
  buffer_path /var/log/td-agent/buffer/
  flush_interval 5s
</match>