Try in Splunk SOAR


The hunting Playbook queries a number of internal security technologies in order to determine if any of the artifacts present in your data source have been observed in your environment.

Associated Detections

How To Implement

Be sure to update asset naming to reflect the asset names configured in your environment.

Explore Playbook


Required field

  • fileHash
  • vault_id


source | version: 1