Playbook: Risk Notable Import Data
Description
This playbook gathers all of the events associated with the risk notable and imports them as artifacts. It also generates a custom markdown formatted note.
Apps
How To Implement
For detailed implementation see https://docs.splunk.com/Documentation/ESSOC/latest/user/Useplaybookpack
Explore Playbook
Click the playbook screenshot to explore in more detail!
Required fields
-
event_id
-
info_min_time
-
info_max_time
-
risk_object
-
risk_object_type
Reference
source | version: 1