Welcome to Splunk SOAR (On-premises) 6.1.1
The Splunk SOAR (On-premises) platform combines security infrastructure orchestration, playbook automation, and case management capabilities to integrate your team, processes, and tools to help you orchestrate security workflows, automate repetitive security tasks, and quickly respond to threats.
If you are new to , read About in the Use manual to learn how you can use for security automation.
If your deployment uses the Splunk SOAR Automation Broker see the Release Notes for more information.
What's new in 6.1.1
Action required: Cryptography library update
In version 6.1.1 of , Splunk upgraded the Python cryptography library to version 41.0.1 to address a known security vulnerability in earlier libraries, as described in Splunk SOAR Cryptography Python Package Upgrade Incompatibility.
Check your specified pip dependencies for your connectors (also called apps) and update as needed. Splunk Inc recommends that you do not specify a version number to avoid possible future compatibility issues. If you require a specific version of the Python cryptography library package, specify a version that is at least 40.0.0 or later. See the Specifying pip dependencies section of Configure metadata in a JSON schema to define your app's configuration for details on where you specified the cryptography library.
This release of includes the following enhancements.
|Classic playbook to modern playbook conversion tool||You can now convert your classic playbooks to the modern playbook format with a CLI conversion tool. For details, see Convert classic playbooks to modern playbooks.|
|Updated telemetry data sharing options||Splunk collects and uses data to help with future product development and to better support your deployment. Users may opt in or opt out using the user interface, the command line, or the REST API.
To opt in or opt out, from the main Splunk SOAR menu, select Administration, then Product Settings, then Data Sharing. For details, see Share data from .
|Visual Playbook Editor: Update to Decision blocks||In the modern Visual Playbook Editor, you can now continue to add Else If conditions even after you have added an Else condition. For information on the Decision block in the modern Visual Playbook Editor, see Use decisions to send artifacts to a specific downstream action in your playbook.|
|Support for PostgreSQL 15||now supports PostgreSQL version 15 for deployments using an external database. In this release, only external PostgreSQL databases are supported. See Set up an external PostgreSQL server in Install and Upgrade Splunk SOAR (On-premises).|
|Updated debug logging||Available for standalone, non-clustered environments. |
Added ability to run the
Known issues for
This documentation applies to the following versions of Splunk® SOAR (On-premises): 6.1.1