IntSights Splunk App for Splunk SOAR Activities
Copy link

You can use the Splunk App for SOAR to perform the following activities:

  • hunt file - Look for information about a file hash in the Digital Risk Protection (Threat Command) database
  • hunt domain - Look for information about a domain in the Digital Risk Protection (Threat Command) database
  • hunt ip - Look for information about an IP in the Digital Risk Protection (Threat Command) database
  • hunt url - Look for information about a URL in the Digital Risk Protection (Threat Command) database
  • on poll - Callback action for the on_poll ingest functionality
  • close alert - Close an alert in the Digital Risk Protection (Threat Command) dashboard
  • takedown request - Initiate a takedown request of an alert from the Digital Risk Protection (Threat Command) dashboard

For more information, see https://github.com/splunk-soar-connectors/intsights