Splunk® App for SOAR Export

Use the Splunk App for SOAR Export to Forward Events

This documentation does not apply to the most recent version of Splunk® App for SOAR Export. For documentation on the most recent version, go to the latest release.

Steps to connect the Splunk platform with Splunk SOAR

Before you can use Splunk App for SOAR Export, you must establish a connection between the Splunk platform and Splunk SOAR. Perform the following tasks to make the connection:

  1. If you don't have Splunk Enterprise Security (ES), download and install the Splunk Common Information Model (CIM) app from Splunkbase.
  2. Enable Splunk platform users to use Splunk App for SOAR Export.
  3. Provide a valid SSL certificate for the connection between Splunk SOAR and Splunk Enterprise.
  4. Connect Splunk App for SOAR Export and the Splunk Platform to Splunk SOAR.
  5. (Optional) If you have Splunk Enterprise Security, Run adaptive response actions in Splunk ES to send notable events to Splunk SOAR.
Last modified on 07 May, 2024
Upgrade Splunk App for SOAR Export on Splunk Cloud Platform   Enable Splunk platform users to use Splunk App for SOAR Export

This documentation applies to the following versions of Splunk® App for SOAR Export: 4.1.117, 4.1.135, 4.2.3, 4.3.2


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters