Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Darktrace for Splunk SOAR app icon

Darktrace for Splunk SOAR

This app integrates with Darktrace to perform investigative and containment actions

soar product badge

Compatibility
Not Available
Platform Version: 6.4, 6.3, 6.2, 6.1, 6.0, 5.5, 5.4, 5.3
Rating

0

(0)

Log in to rate this app
Ranking

#45

in SIEM
This app integrates with Darktrace to perform investigative and containment actions

Supported Actions

  • test connectivity: Validate the asset configuration for connectivity using the supplied configuration
  • get device tags: Receive all of the tags that are currently applied to a device
  • get tagged devices: Receive all of the devices that currently have a given tag
  • get breach comments: Receive all comments made on a model breach
  • on poll: Ingests Darktrace model breaches and Cyber AI Analyst investigations
  • get device description: Receive device description for the specified device
  • get device modelbreaches: Receive recent model breaches for the specified device
  • acknowledge breach: Acknowledge a model breach
  • unacknowledge breach: Unacknowledge a model breach
  • post comment: Post a comment to a model breach
  • post tag: Post a tag to a device
  • get breach connections: Receive connections involved in a model breach

Categories

Created By

SOAR Community

Type

connector

Downloads

636

Resources

Login to report this app listing