Configure apps and assets in Splunk SOAR
Apps expand the capabilities of Splunk SOAR by connecting to third-party products and services. These third-party products and services provide actions you can run or automate in your Splunk SOAR playbooks. For example, the MaxMind app provides the geolocate_ip
action for your Splunk SOAR deployment.
An asset is a specific configuration, or instance, of an app. An asset is configured with the information required to communicate with the third-party product or service, such as IP address, automation service account, username, and password.
See also
For details on apps and assets in Splunk SOAR, see Add and configure apps and assets to provide actions in Splunk SOAR (Cloud) in the Administer Splunk SOAR (Cloud) documentation.
Configure automation rules to run playbooks based on findings in Splunk Enterprise Security | Create playbooks in Splunk SOAR |
This documentation applies to the following versions of Splunk® Enterprise Security: 8.0.0, 8.0.1
Feedback submitted, thanks!