SlackSifter
Native macOS desktop application that parses Slack Enterprise Grid export ZIPs into CSV, SQLite, and RSMF 2.0 outputs for eDiscovery ingestion. Handles complex four-ZIP Enterprise Grid layouts with 250/250 automated tests passing and full tombstone and daily RSMF windowing support.
The Problem
Slack is now one of the most common custodian data sources in corporate eDiscovery. But the standard workflow of exporting a ZIP from the Slack admin console and handing it to a vendor for processing is slow, expensive, and requires sending potentially sensitive data off-premises.
Legal ops teams at companies running Slack Enterprise Grid need a way to process exports locally, without network connectivity, and produce outputs that plug directly into review platforms like Relativity.
No good offline tool existed. SlackSifter fills that gap.
Approach
SlackSifter is a native macOS desktop app built with Python and distributed via PyInstaller as a self-contained .app bundle. The user drops a Slack export ZIP into the app, selects output formats, and the app handles the rest locally. No internet required, no data leaves the machine.
The parsing pipeline handles the full Slack JSON export schema: workspaces, channels, direct messages, threads, reactions, and attachments. Three output formats are supported:
- CSV | flat file export suitable for review in Excel or bulk import
- SQLite | structured database for SQL-based analysis or custom tooling
- RSMF 2.0 | the Relativity Short Message Format spec, ready for direct ingestion into Relativity One
The test suite was built test-first, with 250 tests covering edge cases in the Slack JSON schema, Unicode handling, empty channel states, thread nesting, and output format compliance.
Outcome
SlackSifter shipped to MVP with all 250 tests passing and was validated against production-scale Enterprise Grid data, confirming it handles production-scale enterprise data correctly. The distributable .app bundle runs without any Python environment on the end user's machine.
Stack
Python handles all parsing logic and output generation. PyInstaller bundles the app into a standalone macOS binary. SQLite is used both as an output format and internally for efficient data staging during large export processing. pytest drives the full test suite.
What I Learned
Shipping a PyInstaller bundle with correct asset path resolution is harder than it looks. The transition from dev environment paths to the frozen app bundle requires careful abstraction at every file access point. That's the next session's work.