All Apps and Add-ons
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Workflows or Ideas for Using Jira with Splunk ES/Phantom?

mathurin68
Observer
‎06-28-2021 02:47 PM

We are starting to get workflows for Jira/Confluence up and running and we purchased Splunk Enterprise Security/Phantom.  

I was just looking for ideas on workflows between the 3?  To make the best use of all of them, and of course,  the least amount of work for myself and my team.  Although I don't mind doing a lot of the work up front if I see it's going to help down the road.   

Thank you!!

 

0 Karma
Reply

venkatasri
SplunkTrust
SplunkTrust
‎06-28-2021 02:55 PM

Hi @mathurin68 

Splunk ES/ Phantom are security products and for Automation. Would you be able to explain how you want to use Jira with them is it source of your data?

 

0 Karma
Reply

mathurin68
Observer
‎06-29-2021 08:54 AM

Hey @venkatasri !

So that's kind of my question... I get what they are. I'm looking for workflows and just to see how other organizations are using all of them.  

If another organization has a successful 'workflow', I'd like to see if we can use it in our own organization, rather than re-invent the wheel.  

I know Phantom has a Jira Add-On-

Jira_Phantom.png

 

I'm looking for ideas on using all 3... just as a really simple example, 

1) Detecting an incident with Splunk Enterprise(or other security tool) 

2) Ticket created for this Detection in Jira

3) Whatever can be automated through incident use Phantom. 

4) Phantom continues to update ticket(status, add comment, etc) 

... I already know it would probably be something along those lines. 

Just looking for ideas on how anyone else is using all three, but specifically Jira and Phantom.  I'd take any use cases. 

 

 

Thank you!

 

 

 

 

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas     Cisco Live 2026 is almost here, and this ...

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Hello Splunkers,   So you searched, “what is the name of the usb key inserted by bob smith?”  Not gonna lie… ...

Automating Threat Operations and Threat Hunting with Recorded Future

    Automating Threat Operations and Threat Hunting with Recorded Future June 29, 2026 | Register   Is your ...