We are starting to get workflows for Jira/Confluence up and running and we purchased Splunk Enterprise Security/Phantom.
I was just looking for ideas on workflows between the 3? To make the best use of all of them, and of course, the least amount of work for myself and my team. Although I don't mind doing a lot of the work up front if I see it's going to help down the road.
Thank you!!
Hi @mathurin68
Splunk ES/ Phantom are security products and for Automation. Would you be able to explain how you want to use Jira with them is it source of your data?
Hey @venkatasri !
So that's kind of my question... I get what they are. I'm looking for workflows and just to see how other organizations are using all of them.
If another organization has a successful 'workflow', I'd like to see if we can use it in our own organization, rather than re-invent the wheel.
I know Phantom has a Jira Add-On-
I'm looking for ideas on using all 3... just as a really simple example,
1) Detecting an incident with Splunk Enterprise(or other security tool)
2) Ticket created for this Detection in Jira
3) Whatever can be automated through incident use Phantom.
4) Phantom continues to update ticket(status, add comment, etc)
... I already know it would probably be something along those lines.
Just looking for ideas on how anyone else is using all three, but specifically Jira and Phantom. I'd take any use cases.
Thank you!