Welcome to 6.0.0
If you are new to , read About in the Use manual to learn how you can use for security automation.
If your deployment uses the Splunk SOAR Automation Broker see the Release Notes for the concurrent release.
What's new in 6.0.0
This release of includes the following enhancements.
New SOAR default administrative user
|Starting with this release, the default administrative user is called |
|Find related playbooks||Find existing playbooks associated with your installed apps. You can use an existing playbook from the community or from your instance, so you do not have to create playbooks from scratch. For details, see Find existing playbooks for your apps.|
|Custom Functions and Custom Lists location update||Custom Functions and Custom Lists now have their own menu selections under the Home menu. They are no longer located within the Playbooks section. For details, see Add custom code to your playbook with a custom function and Create custom lists for use in playbooks.|
|User-based data paths||You can now specify the user who launched the current playbook run, either by id or name, when configuring datapaths in the following playbook blocks: action, code, custom function, decision, and filter. These options appear in the datapath picker under playbook . For details, see Specifying data in your playbook and Understanding datapaths in the Python playbook API Reference.|
|Nested values in custom fields||You can now access values nested inside custom fields using datapaths instead of writing custom code. For details, see Important datapaths in the Playbook API in the Python Playbook API Reference for documentation.|
|Pending icon for playbooks waiting to run||A new icon helps distinguish between playbooks that are currently running and those that are waiting. In the Sources view/Analyst queue, the Activity panel displays the following icons for the running playbook:
- Playbook is currently running
|New delimiter option for Playbook Automation API||For the |
|Playbook API decision endpoint Boolean values||automatically converts true and false strings to their Boolean values in the Playbook API decision endpoint. For details, see decision in the Playbook API article.|
|Performance improvement - loading apps||Default apps that are a part of Splunk SOAR install and upgrade are not fully installed until an asset is configured against them.|
Known issues for
This documentation applies to the following versions of Splunk® SOAR (On-premises): 6.0.0