Latest Version 2.4.0
May 22, 2024
Warning
Splunkbase Classic has been deprecated and will be deactivated on February 18, 2026.
ThreatQuotient Splunk Soar Connector
Integrates a variety of ThreatQ services into Splunk SOAR
Built by
Compatibility
SOAR On-Prem, SOAR Cloud
Platform Version: 8.4, 8.0, 7.2, 7.1, 7.0, 6.4, 6.3, 6.2, 6.1
Rating
0
(0)
Log in to rate this app
Support
Developer Supported connector
Integrates a variety of ThreatQ services into Splunk SOAR
Supported Actions
- test connectivity: Validate the asset configuration for connectivity
- query indicators: Query ThreatQ for indicator context
- create indicators: Create indicators within ThreatQ
- create adversaries: Create adversaries within ThreatQ
- create custom objects: Create custom objects within ThreatQ
- add attribute: Adds an attribute to objects in ThreatQ
- add comment: Adds a comment to objects in ThreatQ
- add tag: Adds a tag to objects in ThreatQ
- set indicator status: Set a status for a given list of indicators
- create task: Create a task within ThreatQ
- create event: Create an event within ThreatQ
- start investigation: Start an investigation within ThreatQ
- upload spearphish: Upload a spearphish attempt to ThreatQ
- upload file: Upload (and parse) a file to ThreatQ
- get related objects: Query ThreatQ for an object's relationships
- create signature: Create a signature within ThreatQ
Categories
Information
Created By
SOAR Community
Source Code
GitHub(Opens new window)Type
connector
Downloads
790
Splunk Answers
Ask a question about this app listing(Opens new window)Resources
Log in to report this app listing