Splunk SOAR Explained - How to Build Playbooks

Episode 3

Video Summary

This video explains the process of building a Playbook within Splunk SOAR using the visual Playbook editor. Playbooks are designed to automate repetitive and time-consuming tasks, making security operations more efficient. A well-crafted Playbook should be easy to maintain and help reduce false positives, freeing up valuable analyst time. The video walks through the process of accessing pre-existing Playbooks, including those contributed by the community, and creating a new automation Playbook. This example focuses on automating a phishing email investigation, where a URL is checked through VirusTotal, and if deemed malicious, blocked using Zscaler.

The video also introduces key elements of the visual Playbook editor, such as decision blocks, custom Python code blocks, and utility functions. These tools allow users to add logic, process data, and automate various security actions. Additionally, the Playbook block lets users call other Playbooks, and the prompt block facilitates human interaction when needed. The video highlights how to label Playbooks for automatic triggering and emphasises best practices, such as modular Playbook design. A final example shows a more complex Playbook with multiple actions and decision outputs, illustrating the flexibility and depth of Playbook automation within Splunk SOAR.

Additional Resources

Who are Somerford?

We are a passionate group of people delivering innovation to our customers on their digital transformation journey.

Splunk Edge Hub

Effortlessly streamline the process of integrating your data with the Splunk Edge Hub.

Splunk Security Solutions

Utilise Splunk's suite of security solutions designed to provide unified and robust defence against cyber threats.

Get in Touch to Learn More

With specialist knowledge, skills and experience derived from supporting a broad range of FTSE 100, FTSE 250 and smaller companies, Somerford Associates have a strong reputation for enabling digital transformation at scale, at pace and in budget.