Latest Version 2.1.2
September 17, 2021
AWS GuardDuty
This app integrates with AWS GuardDuty to investigate findings
Built by
Compatibility
SOAR On-Prem, SOAR Cloud
Platform Version: 5.5, 5.4, 5.3, 5.2, 5.1, 5.0, 4.10, 4.9
Rating
0
(0)
Log in to rate this app
Support
Splunk Supported connector
Ranking
#3
in SIEM
This app integrates with AWS GuardDuty to investigate findings
Supported Actions
- test connectivity: Validate the asset configuration for connectivity using supplied configuration
- on poll: Callback action for the on_poll ingest functionality
- update finding: Updates specified Amazon GuardDuty findings as useful or not useful
- run query: Fetch the findings as per the filters applied
- archive finding: Archives Amazon GuardDuty findings specified by the detector ID and list of finding IDs
- unarchive finding: Unarchives Amazon GuardDuty findings specified by the detector ID and list of finding IDs
- list filters: Returns a paginated list of the current filters
- list threats: Lists the ThreatIntelSets of the GuardDuty service specified by the detector ID
- list ip sets: Lists the IPSets of the GuardDuty service specified by the detector ID
- list detectors: Lists detectorIds of all the existing Amazon GuardDuty detector resources
Categories
SIEM
Created By
Splunk Inc.
Source Code
GitHub(Opens new window)Type
connector
Licensing
Apache License 2.0(Opens new window)Splunk Answers
Ask a question about this app listing(Opens new window)Resources
Log in to report this app listing