Identifier Activity Analysis Dispatch

Description

Detects available indicators and routes them to related identifier activity analysis playbooks. The output of the analysis will update any artifacts, tasks, and indicator tags.

Type: Investigation
Product: Splunk SOAR
Apps:
Last Updated: 2023-02-28
Author: Lou Stella, Splunk
ID: fc0edc96-ab1f-48b9-1b4d-63da52dbfa74

Associated Detections

How To Implement

This playbook looks for artifacts and then dispatches the community Related Tickets playbooks. This playbook takes the output of those playbooks and nicely formats them into notes and tags indicators with their results.

Identifier Activity Analysis Dispatch

Description

Associated Detections

How To Implement

Explore Playbook

Required field

Reference

You May Also Enjoy

Windows MOVEit Transfer Writing ASPX

Windows Proxy Via Netsh

Windows Ldifde Directory Object Behavior

Windows Proxy Via Registry