Manuals
Splunk® SOAR


Splunk SOAR is a cloud-based Security Orchestration, Automation, and Response (SOAR) system that is delivered as a SaaS (software-as-a-service) solution hosted and managed by Splunk.

Release Notes
Release notes for Splunk SOAR.

Splunk SOAR Service Description
Describes the benefits of the Splunk SOAR service.

Set Up Automation in Splunk SOAR
Set up and configure the Splunk Automation Broker to orchestrate and automate your notable responses for on-premises assets using apps, connectors and playbooks from Splunk SOAR.

Administer Splunk SOAR
Administer Splunk SOAR and customize the desired product settings.

Use Splunk SOAR
Learn how to use Splunk SOAR for security orchestration and automation using playbooks, workbooks, and cases.

Migrate from Splunk Phantom to Splunk SOAR
Migrate Splunk Phantom applications, playbooks, custom functions, and administration settings to Splunk SOAR.

Build Playbooks with the Visual Editor
Learn how to create and manage playbooks in Splunk Phantom to automate analyst workflows.

Python Playbook API Reference for Splunk SOAR
Reference documentation for the Python automation API in Splunk SOAR.

Python Playbook Tutorial for Splunk SOAR
Tutorial for the Splunk SOAR Playbook API.

REST API Reference for Splunk SOAR
Reference documentation for Splunk SOAR REST API endpoints.

Develop Apps for Splunk SOAR
A technical development guide to help you develop your own Splunk SOAR apps.