What's new in Splunk SOAR Automation Broker
Splunk SOAR Automation Broker allows you to run playbooks, actions, or connect to applications or assets in your on-premises environment from your Splunk SOAR (Cloud) deployment.
Splunk SOAR Automation Broker can be used to run playbooks, actions, or connect to applications or assets in segregated segments of your organization's network from your Splunk SOAR (On-premises) deployment.
September 19, 2024
Feature | Description |
---|---|
Automation broker supports just-in-time credential asset settings | You can create assets that use "just in time" credentials with an Automation Broker. See Configure Just In Time Credentials for a Splunk SOAR (Cloud) asset in Add and configure apps and assets to provide actions in Splunk SOAR (Cloud). |
May 29, 2024
Feature | Description |
---|---|
Added environment variables to docker-compose.yaml | Added two new environment variables:
|
March 28, 2024
This release of the Splunk SOAR Automation Broker updates the operating system inside the container to Ubuntu 20.04.
Feature | Description |
---|---|
Replaced the operating system inside the container | The operating system inside the Splunk SOAR Automation Broker's container has been replaced with Ubuntu 20.04. |
November 30, 2023
This release of Splunk SOAR Automation Broker includes expanded support for privileged access managers such as CyberArk.
Feature | Description |
---|---|
Improved support for CyberArk privileged access manager | CyberArk integration with Splunk SOAR (Cloud) and Splunk SOAR (On-premises) was improved with their release 6.2.0. This Splunk SOAR Automation Broker supports those enhancements. For details, see Use CyberArk Vault Privileged Access Manager with Splunk SOAR (On-premises) in the Manage your organization's credentials with a password vault topic. |
September 07, 2023
This release of Splunk SOAR Automation Broker includes bug fixes for known issues.
July 12, 2023
This release of Splunk SOAR Automation Broker includes the following enhancements:
Feature | Description |
---|---|
Support for FIPS | Splunk SOAR Automation Broker now supports FIPS mode at Security Level 1. |
Based in Ubuntu | Splunk SOAR Automation Broker is now based in Ubuntu, not Centos. |
May 17, 2023
This release of Splunk SOAR Automation Broker includes the following enhancements:
Feature | Description |
---|---|
Support for Podman | The containerization solution Podman can be used to install, run, and manage your Splunk SOAR Automation Broker. See these topics for additional information: |
February 22, 2023
This release of Splunk SOAR Automation Broker includes the following enhancements:
Feature | Description |
---|---|
Automatic rotation for authentication keys | User authentication keys (also referred to as tokens) are now automatically rotated every 30 days. A process runs at 10 PM (of the paired SOAR deployment's local time) to identify and mark any of the user authentication keys which need to be reauthenticated, then new keys are sent via websocket from SOAR to the Automation Broker. No user intervention is required. |
Enhancements for 2022 releases
Expand to see all enhancements for 2022 releases.
December 14, 2022
This release of Splunk SOAR Automation Broker includes the following enhancements:
Feature | Description |
---|---|
New UI for reauthorizing authentication keys | A new menu item was added to the user interface to get new credentials for Automation Brokers whose credentials have expired. See Rotate the encryption keys for the Splunk SOAR Automation Broker in Set Up and Manage the Splunk SOAR Automation Broker for more information. |
October 27, 2022
This release of Splunk SOAR Automation Broker includes the following enhancements:
Feature | Description |
---|---|
Automatic update for Splunk SOAR Automation Broker | Once upgraded to this release, the Splunk SOAR Automation Broker can automatically upgrade itself when new versions are released. See Upgrade or update the Splunk SOAR Automation Broker in Set Up and Manage the Splunk SOAR Automation Broker. |
Simplified install process | The process for installing and configuring the Splunk SOAR Automation Broker has been simplified. See Install Splunk SOAR Automation Broker. |
Splunk SOAR Automation Broker available for Splunk SOAR (On-premises) | You can now use the Splunk SOAR Automation Broker in Splunk SOAR (On-premises) deployments. The Splunk SOAR Automation Broker acts to connect assets in complex network configurations to your Splunk SOAR (On-premises) instance. See About Splunk SOAR Automation Broker. |
September 28, 2022
This release of Splunk SOAR Automation Broker includes the following enhancements:
Feature | Description |
---|---|
Removed Splunk Cloud Gateway dependency | The Splunk SOAR Automation Broker no longer requires Splunk Cloud Gateway to connect your on-premises services to your Splunk SOAR (Cloud) deployment. |
Simplified the process for adding trusted certificates | If you have previously installed custom CA certificates for your Splunk SOAR Automation Broker, you must add them again. See: Add a Certificate Authority to the Splunk SOAR Automation Broker. |
Notifications | The Splunk SOAR Automation Broker establishes a direct connection to your Splunk SOAR deployment to receive action notifications. |
Configuration updates | The Splunk SOAR Automation Broker configuration will be automatically updated when a Docker image with a new version of Automation Broker is started. |
Known issues for Splunk SOAR Automation Broker |
This documentation applies to the following versions of Splunk® Automation Broker: current
Feedback submitted, thanks!