This Automation script uses the XSOAR API to get the audit logs and pushes them to Splunk HEC. Dependencies: SlunkPy and Core REST API integrations.
Forward XSOAR Audit Logs to Splunk HEC
- Details
- Content
- Dependencies
- Version History
This automation script takes a timeframe as input fetches the audit logs for the defined period. Then it pushes them to Splunk HEC.
Automations
Name | Description |
---|---|
ForwardAuditLogsToSplunkHEC |
Automations
Name | Description |
---|---|
ForwardAuditLogsToSplunkHEC | This Automation script uses the XSOAR API to get the audit logs and pushes them to Splunk HEC. Dependencies: SlunkPy and Core REST API integrations. |
Required Content Packs (3)
Pack Name | Pack By |
---|---|
Base | By: Cortex XSOAR |
Cortex REST API | By: Cortex XSOAR |
Splunk | By: Cortex XSOAR |
Optional Content Packs (0)
Pack Name | Pack By |
---|
All level dependencies (12)
Pack Name | Pack By |
---|---|
Base | By: Cortex XSOAR |
Asset | By: Cortex XSOAR |
Splunk | By: Cortex XSOAR |
Filters And Transformers | By: Cortex XSOAR |
Access Investigation | By: Cortex XSOAR |
Common Types | By: Cortex XSOAR |
Cortex REST API | By: Cortex XSOAR |
Common Scripts | By: Cortex XSOAR |
Identity | By: Cortex XSOAR |
Malware Core | By: Cortex XSOAR |
Common Playbooks | By: Cortex XSOAR |
Rasterize | By: Cortex XSOAR |
1.0.0 - 6367558 (October 13, 2021) Download
This automation script takes a timeframe as input fetches the audit logs for the defined period. Then it pushes them to Splunk HEC.
PLATFORMS
Cortex XSOARCortex XSIAM
INFO
Supported By | Community | |
Created | October 13, 2021 | |
Last Release | December 4, 2024 |