Triage

A Splunk custom search command named `triage` for alert triage workflows.

Latest Version 1.1.0
April 21, 2026
Compatibility
Splunk Enterprise, Splunk Cloud
Platform Version: 9.3
CIM Version: 6.x
Support
Not Supported

Features
--------
- Supports `model=claude` (Anthropic API)
- Supports `model=ollama` (local Ollama HTTP API)
- Heuristic fallback when no external model is reachable
- File-based cache with TTL
- Context field selection for prompts
- IOC extraction and ATT&CK / kill-chain enrichment

Categories

SIEM

Created By

kadri kocaer

Type

addon
