TIM - SIEM Integration

Update your SIEM with minimal fuss! This Content Pack automates the delivery of indicators to your SIEM for correlation, with minimal configuration.

Threat intelligence is an important aspect of incident response because it provides indicators and rich context. One of the main processes of working with indicators is sending them to third-party systems such as SIEMs, to allow correlation, reporting and searching for indicators within the SIEM.
The TIM - SIEM Integration pack includes playbooks that automate the process of sending indicators to third-party SIEM systems, including ArcSight and QRadar, and let you customize which indicators should be sent to the SIEM.
With this content pack, you can significantly reduce time and effort by automating the delivery of indicators to your SIEM, with minimal configuration.

What does this pack do?

The playbooks included in this pack help you automate repetitive tasks associated with the handling of indicators:

  • Sending indicators of type IP, Domain, URL and more to the customer's SIEM product of choice.

For more information, visit our Cortex XSOAR Developer Docs

PUBLISHER

PLATFORMS

Cortex XSOAR

INFO

Supported By: Cortex
Created: January 27, 2021
Last Release: June 10, 2024
Threat Intelligence Management
WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER
Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.