Splunk SOAR playbook Crowdstrike validation

Sidpet

I have playbook that validates a url given and assigns scores to it. I am able to run the playbook successfully but do not see the output. where do I see it in the crowdstrike app ? I am new here and trying to learn SOAR.

livehybrid

Hi @Sidpet

Have you configured the playbook to output the fields you are interested in seeing?

Check out https://docs.splunk.com/Documentation/SOAR/current/Playbook/CreatePlaybooks#:~:text=constructing%20y... for more info on how to Add outputs to your playbooks.

🌟 Did this answer help you? If so, please consider:

Adding karma to show it was useful
Marking it as the solution if it resolved your issue
Commenting if you need any clarification

Your feedback encourages the volunteers in this community to continue contributing

Sidpet

thank you for the quick response. I have not configured. since I still learning a little more detail would be a great help. do I add another action block for output or can I configure the end block to do it? can you please share more info to help me

Sidpet

I have created a playbook and am trying to run it from an event I have configured. but when I click on the run playbook my playbook does not show in the list what is that I am missing?

Splunk SOAR playbook Crowdstrike validation

distributed search

Splunk Observability Cloud's AI Assistant in Action Series: Auditing Compliance and ...

Splunk Community Badges!

What You Read The Most: Splunk Lantern’s Most Popular Articles!

Are you a member of the Splunk Community?

Splunk SOAR playbook Crowdstrike validation

distributed search

Splunk Observability Cloud's AI Assistant in Action Series: Auditing Compliance and ...

Splunk Community Badges!

What You Read The Most: Splunk Lantern’s Most Popular Articles!