Latest Version 1.0.8
April 14, 2025
Warning
Splunkbase Classic has been deprecated and will be deactivated on February 18, 2026.
Darktrace for Splunk SOAR
This app integrates with Darktrace to perform investigative and containment actions
Built by
Compatibility
SOAR On-Prem, SOAR Cloud
Platform Version: 8.4, 8.0, 7.2, 7.1, 7.0, 6.4, 6.3, 6.2, 6.1, 6.0, 5.5, 5.4, 5.3
Rating
0
(0)
Log in to rate this app
Support
Developer Supported connector
This app integrates with Darktrace to perform investigative and containment actions
Supported Actions
- test connectivity: Validate the asset configuration for connectivity using the supplied configuration
- get device tags: Receive all of the tags that are currently applied to a device
- get tagged devices: Receive all of the devices that currently have a given tag
- get breach comments: Receive all comments made on a model breach
- on poll: Ingests Darktrace model breaches and Cyber AI Analyst investigations
- get device description: Receive device description for the specified device
- get device modelbreaches: Receive recent model breaches for the specified device
- acknowledge breach: Acknowledge a model breach
- unacknowledge breach: Unacknowledge a model breach
- post comment: Post a comment to a model breach
- post tag: Post a tag to a device
- get breach connections: Receive connections involved in a model breach
Categories
Network Security, SIEM
Created By
SOAR Community
Source Code
darktrace(Opens new window)Type
connector
Downloads
715
Splunk Answers
Ask a question about this app listing(Opens new window)Resources
Log in to report this app listing