Splunk SOAR
Splunk Phantom, renamed to Splunk SOAR, is a security orchestration, automation, and response (SOAR) solution.
Creating a Splunk SOAR connection
Using Username & Password
To create the connection you need:
- An API Address
- A Username
- A Password
- A Disable SSL Enforcement
The username and password are the same as those with which you log on to your Splunk instance.
Creating your connection
-
In the Blink platform, navigate to the Connections page > Add connection. A New Connection dialog box opens displaying icons of external service providers available.
-
Select the Splunk SOAR icon. A dialog box with name of the connection and connection methods appear.
-
(Optional) Edit the name of the connection. At a later stage you cannot edit the name.
-
Select Username & Password as the method to create the connection.
-
Fill in the parameters:
- The API Address
- The Username
- The Password
- The Disable SSL Enforcement
-
(Optional) Click Test Connection to test it.
-
Click Create connection. The new connection appears on the Connections page.