
Digital Shadows

The Digital Shadows SearchLight App allows users to create flexible and dynamic playbooks that fully harness the capabilities provided by the Digital Shadows SearchLight API.

Compatibility
Not Available
Platform Version: 6.4, 6.3, 6.2, 6.1

Supported Actions

  • test connectivity: Validate connection to the Digital Shadows API
  • on poll: Callback action for the 'on_poll' ingest functionality
  • search all records: Search across all Digital Shadows' entities including incidents, threat profiles, and our closed data stores
  • get incident: Retrieve a single incident and its details, identified by its unique integer identifier
  • search incidents: Search incidents based on filters. The On Poll action also uses this endpoint to collect incidents for a given time range/interval
  • get incident review: Retrieve the history of all review submissions for a given incident, ordered by submission time with the most recent submission first
  • post incident review: Post a status update to the incident along with a note
  • search intelligence incidents: Meant to be a simple way to search Intelligence Incidents based on time range and incident types if needed
  • get intelligence incident: Retrieve a single intelligence incident and its details, identified by its unique integer identifier
  • get intelligenceincident ioc: Retrieve the indicators of compromise associated with an intelligence incident
  • search data breaches: Search across all data breaches that are relevant to your organization
  • get data breach: Retrieve a single data breach and its details, identified by its unique integer identifier. The records associated with the breach must be retrieved using a separate operation
  • search databreach records: Search data breach records across all data breaches. This operation also includes basic information about the data breach the record occurred within
  • get databreach records: Retrieve breach records (credentials) for a specific breach
  • get breachrecord byuser: This action allows you to search breach records based on the domain, review status, or full/partial strings from the username
  • get breachrecord review: Retrieve the list of review status updates for a given data breach record
  • post breachrecord review: Update an individual breach record's notes or status using this action

Created By: SOAR Community

Type: connector

Downloads: 746
