This documentation does not apply to the most recent version of Splunk® Add-on for Splunk Attack Analyzer.
For documentation on the most recent version, go to the latest release.
What's new in the Splunk Add-on for Splunk Attack Analyzer
This release of the Splunk Add-on for Splunk Attack Analyzer includes the following enhancements.
Compatibility
This app is compatible with Splunk Enterprise 9.0.x or higher and Splunk Cloud Platform. For product details, see Splunk Enterprise and Splunk Cloud Platform.
This app is also compatible with Splunk Enterprise Security 7.2.0 and higher, but the compatibility with Splunk Enterprise Security only applies to the Submit URL to Attack Analyzer adaptive response action.
What's New in 1.1.0
| New Feature or Enhancement | Description |
|---|---|
| View Attack Analyzer job information in Splunk Enterprise Security | Once you have configured the Submit URL to Attack Analyzer adaptive response action, from Incident Review in Splunk Enterprise Security you can run the adaptive response action on a notable and then view Splunk Attack Analyzer job information in History on the notable. See View Attack Analyzer job information in Splunk Enterprise Security. |
| Submit URL in Attack Analyzer workflow action | From the Splunk Platform, you can open any event with a URL field in Search & Reporting and use the workflow action Submit URL in Attack Analyzer to open and submit the URL in Attack Analyzer to quickly pivot between products. See Use the Submit URL in Attack Analyzer workflow action. |
Last modified on 12 March, 2024
| Troubleshoot the Splunk Add-on for Splunk Attack Analyzer | Known issues for the Splunk Add-on for Splunk Attack Analyzer |
This documentation applies to the following versions of Splunk® Add-on for Splunk Attack Analyzer: 1.1.0
Download manual
Feedback submitted, thanks!