Steps to connect the Splunk platform with Splunk SOAR
Before you can use Splunk App for SOAR Export, you must establish a connection between the Splunk platform and Splunk SOAR. Perform the following tasks to make the connection:
- If you don't have Splunk Enterprise Security (ES), download and install the Splunk Common Information Model (CIM) app from Splunkbase.
- Allow Splunk platform users to use Splunk App for SOAR Export.
- Provide a valid SSL certificate for the connection between Splunk SOAR and Splunk Enterprise.
- Connect Splunk App for SOAR Export and the Splunk Platform to Splunk SOAR.
- (Optional) If you have Splunk Enterprise Security, Run adaptive response actions in Splunk ES to send notable events to Splunk SOAR.
Upgrade Splunk App for SOAR Export on Splunk Cloud Platform | Allow Splunk platform users to use Splunk App for SOAR Export |
This documentation applies to the following versions of Splunk® App for SOAR Export: 4.3.13, 4.3.21
Feedback submitted, thanks!