Description

Detects available indicators and routes them to the related ticket search playbooks, which it dispatches. The output of the analysis updates any artifacts, tasks, and indicator tags.

  • Type: Investigation
  • Product: Splunk SOAR
  • Apps:
  • Last Updated: 2023-02-28
  • Author: Patrick Bareiss, Splunk
  • ID: fc0edc96-ab1f-48b9-9b4d-63da61bafe74
  • Use-cases:
    • Enrichment

Associated Detections

How To Implement

This playbook looks for artifacts and then dispatches the community Related Tickets playbooks. It takes the output of those playbooks, formats it into notes, and tags the indicators with their results.

Explore Playbook

Required field

Reference

source | version: 1