Try in Splunk SOAR


Accepts a url link, IP, or domain to be detonated using API connector.

  • Type: Investigation
  • Product: Splunk SOAR
  • Apps:
  • Last Updated: 2023-03-23
  • Author: Teoderick Contreras, Splunk
  • ID: a1173c28-7b33-4a56-9d7f-5dbbca595cb0
  • Use-cases:
    • Enrichment
    • Phishing
    • Endpoint

Associated Detections

How To Implement

This input playbook requires the API connector to be configured. It is designed to work in conjunction with the Dynamic Attribute Lookup playbook or other playbooks in the same style.


ID Technique Definition Category
D3-DA Dynamic Analysis Executing or opening a file in a synthetic "sandbox" environment to determine if the file is a malicious program or if the file exploits another program such as a document reader. File Analysis

Explore Playbook


Required field


source | version: 1