Try in Splunk SOAR


This playbook was designed to be called by a user to process indicators that are marked as suspicious within the SOAR platform. Analysts will review indicators in a prompt and mark them as blocked or safe.

  • Type: Response
  • Product: Splunk SOAR
  • Apps: None
  • Last Updated: 2021-10-22
  • Author: Kelby Shelton, Splunk
  • ID: rn0edc96-ff2b-48b0-9f6f-73da3783fd63

Associated Detections

How To Implement


Required field


source | version: 1