Contents x
      Splunk SOAR
      • 20 Jun 2024
      • 1 Minute to read
      • Print
      • Dark
        Light
      Contents

      Splunk SOAR

      • Updated on 20 Jun 2024
      • 1 Minute to read
      • Print
      • Dark
        Light
      Article summary

      Silent Push has a Splunk SOAR app that allows users to utilize Silent Push data within Splunk workflows.

      The Splunk SOAR integration is available to users with a valid Silent Push API key

      Available Splunk SOAR actions

      • Forward and Reverse DNS lookups across all record types
      • Enrichment for domain, IPv4, and IPv6
      • Reputation for domains, IPs, nameservers, ASNs, and subnets
      • Certificates
      • ASNs
      • Density
      • Live Scan
      • Live Screenshot
      • Search Scan Data
      • Get Indicators of Future Attack (Enterprise Only)

      Splunk x Silent Push template

      Integrating Splunk SOAR with Silent Push

      1. Download the app on Splunkbase here

      2. Generate a Silent Push API Key

      3. Log in to your Splunk SOAR Platform

      4. Navigate to the Home

      5. Select Apps

      6. Search for Silent Push

      7. Click CONFIGURE NEW ASSET

      8. Navigate to the Asset Info tab

      9. Enter a Name and Description

      10. Navigate to Asset Settings

      11. Enter your Silent Push API key

      12. Save the asset

      13. Test the connectivity of the Splunk SOAR server to Silent Push by clicking the TEST CONNECTIVITY button

      Was this article helpful?
      What's Next