Splunk Enterprise Security

Is the webhook option supported for adaptive response actions in Enterprise Security?

tauricecobbins
Engager

The webhook option is only available under Search & Reporting alert actions. This option is not available in the adaptive response actions for correlation searches in ES. Is the webhook a supported option for ES?

starcher
SplunkTrust

That action isn’t written as an AR. You are better off writing your own webhook alert action for your purpose using Splunk Add-on Builder as an AR.

https://docs.splunk.com/Documentation/AddonBuilder/2.2.0/UserGuide/Overview

0 Karma
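
An illustration of the approach suggested in the answer above, added here and not code from the original thread or from Splunk: the body of an Add-on Builder alert action that posts each result to a webhook, restricted to HTTPS and an allowlist of hosts. The parameter names `url` and `allowed_hosts` are assumptions (they would be defined on the action in Add-on Builder), and the `helper` methods used are the ones Add-on Builder is understood to pass to `process_event`.

```python
# Added example: alert-action body for an Add-on Builder adaptive response.
# Assumed action parameters: "url" and "allowed_hosts" (comma-separated).
import json
from urllib.parse import urlsplit


def check_url(url, allowed_hosts):
    """Return url if it is HTTPS and its host is allowlisted, else raise."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if parts.scheme != "https":
        raise ValueError("webhook URL must use https")
    if parts.username or parts.password:
        raise ValueError("credentials in webhook URL are not allowed")
    if host not in allowed_hosts:
        raise ValueError("host %r is not in the allowlist" % host)
    return url


def build_payload(event):
    """Forward result fields, dropping Splunk's internal __mv_* columns."""
    return {k: v for k, v in event.items() if not k.startswith("__mv_")}


def process_event(helper, *args, **kwargs):
    """Entry point Add-on Builder calls; returns 0 on success, 1 on failure."""
    allowed = {h.strip().lower()
               for h in (helper.get_param("allowed_hosts") or "").split(",")
               if h.strip()}
    try:
        url = check_url(helper.get_param("url") or "", allowed)
    except ValueError as exc:
        # Refuse to send rather than post alert data to an unvetted endpoint.
        helper.log_error("webhook rejected: %s" % exc)
        return 1
    failures = 0
    for event in helper.get_events():
        resp = helper.send_http_request(
            url, "POST", payload=json.dumps(build_payload(event)),
            headers={"Content-Type": "application/json"},
            verify=True, timeout=10)
        if resp.status_code >= 300:
            helper.log_error("webhook returned HTTP %s" % resp.status_code)
            failures += 1
    return 1 if failures else 0
```
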