Splunk® SOAR (Cloud)

Splunk SOAR (Cloud) is a cloud-based Security Orchestration, Automation, and Response (SOAR) system that is delivered as a SaaS (software-as-a-service) solution hosted and managed by Splunk.

Release Notes
Release notes for Splunk SOAR.

Splunk SOAR (Cloud) Service Description
Describes the benefits of the Splunk SOAR service.

Set Up Automation in Splunk SOAR (Cloud)
Set up and configure the Splunk Automation Broker to orchestrate and automate your notable responses for on-premises assets using apps, connectors and playbooks from Splunk SOAR.

Administer Splunk SOAR (Cloud)
Administer Splunk SOAR and customize the desired product settings.

Use Splunk SOAR (Cloud)
Learn how to use Splunk SOAR for security orchestration and automation using playbooks, workbooks, and cases.

Migrate from Splunk Phantom to Splunk SOAR (Cloud)
Migrate Splunk Phantom applications, playbooks, custom functions, and administration settings to Splunk SOAR.

Build Playbooks with the Playbook Editor
Learn how to create and manage playbooks in Splunk SOAR to automate analyst workflows.

Python Playbook API Reference for Splunk SOAR (Cloud)
Reference documentation for the Python automation API in Splunk SOAR.

Python Playbook Tutorial for Splunk SOAR (Cloud)
Tutorial for the Splunk SOAR Playbook API.

REST API Reference for Splunk SOAR (Cloud)
Reference documentation for Splunk SOAR REST API endpoints.

Develop Apps for Splunk SOAR (Cloud)
A technical development guide to help you develop your own Splunk SOAR apps.