IntSights Splunk App for Splunk SOAR Activities
You can use the Splunk App for SOAR to perform the following activities:
- hunt file - Look for information about a file hash in the Threat Command database
- hunt domain - Look for information about a domain in the Threat Command database
- hunt ip - Look for information about an IP in the Threat Command database
- hunt url - Look for information about a URL in the Threat Command database
- on poll - Callback action for the on_poll ingest functionality
- close alert - Close an alert in the Threat Command dashboard
- takedown request - Initiate a takedown request of an alert from the Threat Command dashboard
For more information, see https://github.com/splunk-soar-connectors/intsights
Did this page help you?