![Splunk Enterprise system administration](https://locusit.com/wp-content/uploads/2020/02/Courses-for-Splunk-Administrator-Troubleshooting-Splunk-Enterprise.png)
You can configure a correlation search to generate a notable event (alert) when search results meet specific conditions. Splunk Phantom is an orchestration, automation, and response platform designed to help scale your IT and security operations. Use Python scripts and the REST API to manage your deployment. Manage Splunk SOAR (On-premises) Certificate Store. Copy your _phantom_backup. The ExtraHop REST API enables you to automate administration and configuration tasks on your ExtraHop system. Overview of correlation searches in ITSI. Splunk Phantom lets you automate tasks, orchestrate workflows, and support a broad range of NOC and SOC functions. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers. Dynamic assignment of priority (optional) - Dynamic and/or static Splunk-Phantom, API client. rest/container: Manage containers and their associated authorized users, pin templates, comments, attachments, and options. We have gotten the IP set up with the port on Phantom, and we take the API key from the automation user and place it inside the Phantom configuration. Bidirectional episode ticketing integrations. All POST and DELETE operations are irreversible. This includes email receipt, processing and delivery, and employees clicking on links within an email. NOTE: When upgrading to this version you must re-enter your Airlock Server details + API key on the addon 'Configuration -> Add-on Settings' page. The diagram below illustrates the typical application calls made to the API. Additionally, our APIs are REST-based and come with pre-written Python wrappers, making them easy to incorporate into your own internal tools as you see fit.
By using the REST API of Splunk Phantom, security incidents (containers and artifacts) can be created and playbooks are programmatically

The JIRA Cloud Audit Logs Add-On for Splunk uses the Jira REST API to fetch audit records from Jira and ingest them into Splunk.