Publisher: Splunk Community
Connector Version: 1.1.0
Product Vendor: Splunk
Product Name: SOAR
Product Version Supported (regex): ".*"
Minimum Product Version: 5.2.0
This app provides utilities to interact with or get information about SOAR playbooks
The app uses HTTP/ HTTPS protocol for communicating with the SOAR Rest APIs. Below are the default ports used by Splunk SOAR.
| Service Name | Transport Protocol | Port |
|---|---|---|
| http | tcp | 80 |
| https | tcp | 443 |
test connectivity - Validate the asset configuration for connectivity using supplied configuration
get playbook tree - Get details about the parent/child relationships of playbooks and actions
Validate the asset configuration for connectivity using supplied configuration
Type: test
Read only: True
No parameters are required for this action
No Output
Get details about the parent/child relationships of playbooks and actions
Type: generic
Read only: True
Note: If the playbook_run_id parameter is not provided, it will attempt to asertain the playbook run that is calling the current app run. If the action was not provied with a playbook_run_id and was called outside of a playbook, an error status will be returned.
| PARAMETER | REQUIRED | DESCRIPTION | TYPE | CONTAINS |
|---|---|---|---|---|
| playbook_run_id | optional | Playbook run ID of any playbook run in the tree that is to be retrieved (If not provided and was called from a playbook, this defaults to the current playbook run id that initiated this app run) | numeric | |
| include_app_runs | optional | Include app runs in the playbook tree output | boolean |
| DATA PATH | TYPE | CONTAINS |
|---|---|---|
| action_result.parameter.playbook_run_id | numeric | |
| action_result.parameter.include_app_runs | boolean | |
| action_result.status | string | |
| action_result.message | string | |
| summary.total_objects | numeric | |
| summary.total_objects_successful | numeric | |
| action_result.data.*.name | string | |
| action_result.data.*.type | string | |
| action_result.data.*.run_id | numeric | |
| action_result.data.*.tree_fill | string | |
| action_result.data.*.run_details.id | numeric | |
| action_result.data.*.run_details.misc.scope | string | |
| action_result.data.*.run_details.misc.parent_playbook_run | numeric | |
| action_result.data.*.run_details.owner | numeric | |
| action_result.data.*.run_details.status | string | |
| action_result.data.*.run_details.message | string | |
| action_result.data.*.run_details.version | numeric | |
| action_result.data.*.run_details.playbook | numeric | |
| action_result.data.*.run_details.cancelled | string | |
| action_result.data.*.run_details.container | numeric | phantom container id |
| action_result.data.*.run_details.log_level | numeric | |
| action_result.data.*.run_details.node_guid | string | |
| action_result.data.*.run_details.test_mode | numeric | |
| action_result.data.*.run_details.ip_address | string | ip |
| action_result.data.*.run_details.parent_run | numeric | |
| action_result.data.*.run_details.start_time | string | |
| action_result.data.*.run_details.update_time | string | |
| action_result.data.*.run_details._pretty_owner | string | |
| action_result.data.*.run_details.last_artifact | numeric | |
| action_result.data.*.run_details.effective_user | numeric | |
| action_result.data.*.run_details._pretty_playbook | string | |
| action_result.data.*.run_details._pretty_scm_name | string | |
| action_result.data.*.run_details._pretty_container | string | |
| action_result.data.*.run_details._pretty_start_time | string | |
| action_result.data.*.run_details.playbook_run_batch | string | |
| action_result.data.*.run_details._pretty_update_time | string | |
| action_result.data.*.run_details._pretty_effective_user | string | |
| action_result.data.*.tree_prefix | string | |
| action_result.data.*.run_details.misc.parent_playbook_run.cb_fn_name | string | |
| action_result.data.*.run_details.misc.parent_playbook_run.child_playbook_id | numeric | |
| action_result.data.*.run_details.misc.parent_playbook_run.parent_playbook_id | numeric | |
| action_result.data.*.run_details.misc.parent_playbook_run.child_playbook_name | string | |
| action_result.data.*.run_details.misc.parent_playbook_run.parent_playbook_name | string | |
| action_result.data.*.run_details.misc.parent_playbook_run.parent_playbook_run_id | numeric | |
| action_result.data.*.run_details.misc.parent_playbook_run.child_playbook_run_name | string | |
| action_result.data.*.run_details.misc.parent_playbook_run.playbook_run_start_time | numeric | |
| action_result.data.*.run_details.misc.parent_playbook_run.parent_playbook_run_effective_user_id | numeric | |
| action_result.data.*.action | string | |
| action_result.data.*.status | string | |
| action_result.data.*.run_details.app | numeric | |
| action_result.data.*.run_details.asset | numeric | |
| action_result.data.*.run_details.action | string | |
| action_result.data.*.run_details.app_name | string | |
| action_result.data.*.run_details.end_time | string | |
| action_result.data.*.run_details.action_run | numeric | |
| action_result.data.*.run_details._pretty_app | string | |
| action_result.data.*.run_details.app_version | string | |
| action_result.data.*.run_details.playbook_run | numeric | |
| action_result.data.*.run_details._pretty_asset | string | |
| action_result.data.*.run_details._pretty_end_time | string | |
| action_result.data.*.run_details.exception_occured | boolean | |
| action_result.data.*.run_details._pretty_action_run | string | |
| action_result.data.*.run_details._pretty_has_widget | boolean | |
| action_result.data.*.run_details._pretty_app_directory | string | |
| action_result.summary.app_run_ids | numeric | |
| action_result.summary.playbook_run_ids | numeric | |
| action_result.summary.rendered_playbook_tree | string |