Latest Version 2.0.0
September 21, 2021
Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Endace
The Endace App for Splunk SOAR receives events forwarded from a Splunk Enterprise instance, which are then parsed by the provided playbooks to search for packets of interest on an EndaceProbe fabric. When matching packets are found, these can be automatically downloaded and analyzed, or archived as PCAP files.
Built by
Compatibility
Not Available
Platform Version: 7.0, 6.4, 6.3, 6.2, 6.1, 6.0, 5.5, 5.4, 5.3, 5.2, 5.1, 5.0, 4.10, 4.9
Rating
0
(0)
Log in to rate this app
Support
Developer Supported connector
Ranking
#38
in Investigative
The Endace App for Splunk SOAR receives events forwarded from a Splunk Enterprise instance, which are then parsed by the provided playbooks to search for packets of interest on an EndaceProbe fabric. When matching packets are found, these can be automatically downloaded and analyzed, or archived as PCAP files.
Supported Actions
- test connectivity: Validate the asset configuration for connectivity using supplied configuration
- get pcap: Download a PCAP into the vault
- delete pcap: Delete the specified PCAP
- get status: Get the status of a previously executed query
- run query: Run a query to create a PCAP
Categories
Created By
SOAR Community
Source Code
Type
connector
Downloads
540
Licensing
Splunk Answers
Resources
Log in to report this app listing