Splunk SOAR (f.k.a. Phantom)
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

I was wondering if any of you had a cheat sheet to make playbooks to help automate my job for beginners.

robgray8430
New Member
‎03-17-2020 09:48 AM

So pretty much,

-Grabs the list of all vulnerabilities from big fix and/or tenable
-get subnets of the modes we will need to pull vulnerabilities from BigFix
-Have the returned list filter out ones for specific modes or either have the program use another program that does that task

-After all the list are sent to their respected Actions well have the program run the DNS, whois, and BigFix FISMA ID query tools

After all these tasks are completed we would like for Phantom to create a report of the findings and send them to our distro list.

"it would be broken down into individual reports that we can use to add to a remedy ticket"

Labels (2)
Labels
Tags (1)
0 Karma
Reply
Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...