Splunk® Intelligence Management (Legacy)

Developer Guide

Detection Integrations with REST API v1.3

Integrating a detection tool with Splunk Intelligence Management can support the exchange of data between the two platforms, providing enriched data that the detection tool can use in real-time analysis of security threats. See Configuration requirements to learn about the configuration details required for all integrations.

Recommended Functionality

Include the following REST API v1.3 commands in your integration:

Optional Functionality

You can use these commands to send data to Splunk Intelligence Management and share reports within Splunk Intelligence Management:

You can include this commands to extract data from Phishing emails:

You must have the Phishing Triage feature activated in Splunk Intelligence Management to use this command.

Last modified on 21 April, 2022
Case Management Integrations with REST API v1.3   SOAR Integrations with REST API v1.3

This documentation applies to the following versions of Splunk® Intelligence Management (Legacy): current


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters