Splunk SOAR
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

I was wondering if any of you had a cheat sheet to make playbooks to help automate my job for beginners.

robgray8430
New Member
‎03-17-2020 09:48 AM

So pretty much,

-Grabs the list of all vulnerabilities from big fix and/or tenable
-get subnets of the modes we will need to pull vulnerabilities from BigFix
-Have the returned list filter out ones for specific modes or either have the program use another program that does that task

-After all the list are sent to their respected Actions well have the program run the DNS, whois, and BigFix FISMA ID query tools

After all these tasks are completed we would like for Phantom to create a report of the findings and send them to our distro list.

"it would be broken down into individual reports that we can use to add to a remedy ticket"

Labels (2)
Labels
Tags (1)
0 Karma
Reply
Get Updates on the Splunk Community!

Mastering Data Pipelines: Unlocking Value with Splunk

 In today's AI-driven world, organizations must balance the challenges of managing the explosion of data with ...

The Latest Cisco Integrations With Splunk Platform!

Join us for an exciting tech talk where we’ll explore the latest integrations in Cisco + Splunk! We’ve ...

AI Adoption Hub Launch | Curated Resources to Get Started with AI in Splunk

Hey Splunk Practitioners and AI Enthusiasts! It’s no secret (or surprise) that AI is at the forefront of ...