Splunk Attack Analyzer Connector for Splunk SOAR

This connector integrates with the Splunk Attack Analyzer platform to reduce the friction of repetitive manual tasks typically associated with investigating threats

Supported Actions

• get job screenshots: Get screenshots for the specified job and store them in the vault
• get pdf report: Get the PDF report for a completed job
• get job forensics: Get the consolidated forensics for a completed job
• get job summary: Get a job summary for a submitted job
• list recent jobs: Get a list of recent jobs
• detonate file: Submit File for Scanning
• detonate url: Submit New URL for Scanning
• get system tags: Retrieve system tags for a specific job
• on poll: Callback action for the on_poll ingest functionality
• test connectivity: Validate the asset configuration for connectivity using supplied configuration