After the future removal of the classic playbook editor, your existing classic playbooks will continue to run, However, you will no longer be able to visualize or modify existing classic playbooks.
For details, see:
Assess app and asset connectivity and ingestion
Check that your apps and assets are properly connected, are able to communicate with your , and are ingesting data properly.
Monitor all apps and assets
Monitor all of your apps and assets with any of the methods described in this section.
View Asset Health
View the Asset Health panel on the Home page of to see the status of all of your apps and assets. Sort by Status to see group any assets with a Failed status. Select any asset to see its app page.
For information on troubleshooting connectivity for an app or asset, see Troubleshoot connectivity for a specific app or asset later in this topic.
Check status through REST API
Use the app_status REST API call to check the status of your apps and assets.
For information on how to use the REST API call, see /rest/app_status in the REST API Reference for documentation.
For information on troubleshooting connectivity for an app or asset, see Troubleshoot connectivity for a specific app or asset later in this topic.
Troubleshoot connectivity for a specific app or asset
Some common causes of of failed connectivity include:
- The connection is missing or improperly configured
- You don't have proper credentials to access the asset
- cannot connect to the specified service
- If you're connecting to assets using the Splunk SOAR Automation Broker, make sure the Automation Broker is correctly configured. See Configure Connectors to use the Splunk SOAR Automation Broker in Set Up and Manage the Splunk SOAR Automation Broker.
When you encounter a specific app or asset with a failed connectivity status, address the issue using steps described in this section.
Within the asset settings
To test connectivity of an app or asset with a Failed status, follow these steps:
- Open the app page using one of these methods:
- In the Asset Health panel, select an asset.
- From the Home menu, select Apps. For the desired app, locate and select the configured asset.
- Select the Asset Settings tab.
- Select Test Connectivity.
- A test results message appears. Read the message and save a copy of it for your reference. Then click Close.
- Edit the app configuration to address the connectivity message. Check the common causes of connectivity issues described earlier in this section.
If you cannot troubleshoot the connectivity issue on your own, contact Splunk Support. For details on Splunk Support, see Administer .
Check Ingestion Status
Your apps must be connected and also able to ingest data in order to be fully functional.
To check if your apps are able to ingest data, follow these steps:
- In your instance, from the Home menu, select Administration.
- Select Ingestion Summary and view the chart. Check that the values on the chart are not all zeros.
- Select Ingestion Status. The first section of the page shows successful ingestion for your apps. Review the Ingestion Errors section to see if there are any errors.
If there are ingestion errors:
- If you have not done so already, check the app's connectivity and troubleshoot any issues, as described in Monitor all apps and assets and Troubleshoot connectivity for a specific app or asset earlier in this topic.
- If the app is connected, but it is not ingesting data properly, contact Splunk Support. For details on Splunk Support, see Administer .
For additional information on data ingestion, see View how much data is ingested in using ingestion summary and View ingested container statistics using Ingestion Status.
Add and configure apps and assets to provide actions in | Share data from |
This documentation applies to the following versions of Splunk® SOAR (On-premises): 6.2.1, 6.2.2, 6.3.0, 6.3.1
Feedback submitted, thanks!