Contact sales
Details

This workflows will run a Search Query for an Observable in Splunk Cloud via the Pivot Menu. You will receive a notification to a Prompt to set up the Search Query. Afterwards, it will try to retrieve the results with a 30 second interval and send another notification when done.

Description

  1. Make sure you have the Splunk Cloud integration module set up.
  2. Click on install.
  3. Use via the XDR Pivot Menu for any observable type.
Required targets

This workflow requires the following targets to be available before it can be run.

Integration targets

  • Splunk Cloud
  • Cisco XDR
About
Author
Christopher van der Made
Version
v1.2
Intent
Pivot Menu
Integration
Average rating
5.0 out of 5
Authorship
Community
Contact and support information
chrivand@cisco.com
External links

Content Licensing

Developer Community

Related workflows
Logo for Splunk Cloud
Splunk - Search Network Events (generic) - Cisco XDR Incident
Community
This workflow enhances security management by automating the process of identifying and managing network security events using Splunk and Cisco XDR.
Learn more
Logo for Splunk Cloud
Splunk Cloud - Export Incident Summary to Index
Cisco Managed
This incident response workflow allows you to export a summary of an XDR incident to a Splunk Cloud index from a playbook or using an automation rule.
Incident Response
Learn more
Logo for Splunk Cloud
Splunk Cloud - Run Search for Observable via Prompt
Community
This workflows will run a Search Query for an Observable in Splunk Cloud via the Pivot Menu.
Pivot Menu
Learn more