Splunk SOAR

SOAR: Is it possible to retrieve the (splunk soar) instance details inside a playbook?

goncalocoelho
Path Finder

Hi All,

is it possible to retrieve the (splunk soar) instance details inside a playbook?

For instance when sending an email, I want to be able to tell if the playbook ran in dev or prod environment.

Is there a list of all the global environment variables?

 

Thanks in advance

Labels (2)
Tags (2)
0 Karma
1 Solution

phanTom
SplunkTrust
SplunkTrust

@goncalocoelho the best way, IMO, will be to use REST and hit the `/rest/system_settings` endpoint and get something from the company_info_settings to determine if dev/prod. 

E.g. If you set the system/instance name to reflect the environment you could parse that, or just use the fqdn setting to work out where it came from. 

This will need to be coded either in a code block or custom function. 

View solution in original post

0 Karma

phanTom
SplunkTrust
SplunkTrust

@goncalocoelho the best way, IMO, will be to use REST and hit the `/rest/system_settings` endpoint and get something from the company_info_settings to determine if dev/prod. 

E.g. If you set the system/instance name to reflect the environment you could parse that, or just use the fqdn setting to work out where it came from. 

This will need to be coded either in a code block or custom function. 

0 Karma

goncalocoelho
Path Finder

Thanks for your reply @phanTom, that seems a very good approach!

I'll try that and share my findings here for everyone

0 Karma
Get Updates on the Splunk Community!

Preparing your Splunk Environment for OpenSSL3

The Splunk platform will transition to OpenSSL version 3 in a future release. Actions are required to prepare ...

Unleash Unified Security and Observability with Splunk Cloud Platform

     Now Available on Microsoft AzureThursday, March 27, 2025  |  11AM PST / 2PM EST | Register NowStep boldly ...

Splunk AppDynamics with Cisco Secure Application

Web applications unfortunately present a target rich environment for security vulnerabilities and attacks. ...