Splunk® SOAR (On-premises)

Administer Splunk SOAR (On-premises)

The classic playbook editor will be deprecated in early 2025. Convert your classic playbooks to modern mode.
After the future removal of the classic playbook editor, your existing classic playbooks will continue to run, However, you will no longer be able to visualize or modify existing classic playbooks.
For details, see:
This documentation does not apply to the most recent version of Splunk® SOAR (On-premises). For documentation on the most recent version, go to the latest release.

Enable clickable URLs in CEF data

When a Common Event Format (CEF) field on an artifact contains URL data, the user interface can display a clickable link for it.

  • Use this setting to toggle whether clickable links are shown.
  • Only CEF values generated by automation or included in an artifact are controlled by this setting.
  • Since many URLs in CEF values are likely to be malicious, the default is Off.

Notes can contain URL data, and those URLs will be clickable unless they are escaped using the backtick or grave character ( ` ). URLs in notes are not controlled by this setting.

Example:

 `http://some.malicious.url.com`
Last modified on 13 March, 2023
Reset the admin and root passwords in   View cluster status and enable or disable a cluster

This documentation applies to the following versions of Splunk® SOAR (On-premises): 5.1.0, 5.2.1, 5.3.1, 5.3.2


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters