Skip to main content

TIM - SIEM Integration

Download With Dependencies

Update your SIEM with minimal fuss! This Content Pack automates the delivery of indicators to your SIEM for correlation, with minimal configuration.

Threat Intelligence is an important aspect of incident response as it provides indicators and rich context. One of the main processes of working with indicators is sending them to 3rd party systems such as SIEM systems in order to allow correlations, reporting and searching for indicators within the SIEM.
The TIM - SIEM Integration pack includes playbooks that automate the process of sending indicators to 3rd party SIEM systems including ArcSight and QRadar. By customizing which indicators should be sent to SIEM.
With this content pack, you can significantly reduce the time and effort by automating the delivery of indicators to your SIEM, with minimal configuration.

What does this pack do?

The playbooks included in this pack help you automate repetitive tasks associated with with the handling of indicators:

  • Sending indicators of type IP, Domains, URLs and more to the customers SIEM product of choice.

For more information, visit our Cortex XSOAR Developer Docs

PUBLISHER

PLATFORMS

Cortex XSOAR

INFO

CertificationRead more
Supported ByCortex
CreatedJanuary 27, 2021
Last ReleaseApril 20, 2026
Threat Intelligence Management
WORKS WITH THE FOLLOWING INTEGRATIONS:
DISCLAIMER
By downloading or using Marketplace content, you agree to the applicable Terms of Use and End User License Agreement. Third-party content is provided by its publisher, and Palo Alto Networks does not warrant, endorse, support, or assume responsibility for content not expressly identified as owned by Palo Alto Networks.