Playbook: Risk Notable Merge Events

Description

This playbook finds related events based on key fields in a risk notable and allows the user to process the results and decide which events to merge into the current investigation.

How To Implement

For detailed implementation instructions, see https://docs.splunk.com/Documentation/ESSOC/latest/user/Useplaybookpack

Reference

source | version: 1