Playbook: Risk Notable Merge Events
Description
This playbook finds related events based on key fields in a risk notable and allows the user to process the results and decide which events to merge into the current investigation.
How To Implement
For detailed implementation see https://docs.splunk.com/Documentation/ESSOC/latest/user/Useplaybookpack
Explore Playbook
Click the playbook screenshot to explore in more detail!
Reference
source | version: 1