Latest Version 3.0.4
September 17, 2021
Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
TruSTAR
This App integrates with TruSTAR to provide various hunting and reporting actions
Built by Splunk Inc.
Compatibility
Not Available
Platform Version: 5.5, 5.4, 5.3, 5.2, 5.1, 5.0, 4.10, 4.9
Rating
0
(0)
Log in to rate this app
Support
Splunk Supported connector
Ranking
#4
in Investigative
This App integrates with TruSTAR to provide various hunting and reporting actions
Supported Actions
- test connectivity: Validate credentials provided for connectivity
- hunt ioc: Get report IDs associated with an IOC
- hunt ip: Get report IDs associated with an IP/CIDR
- hunt url: Get report IDs associated with a URL
- hunt file: Get report IDs associated with a file
- hunt email: Get report IDs associated with an email address
- hunt cve: Get report IDs associated with a CVE (Common Vulnerability and Exposure) number
- hunt malware: Get report IDs associated with a malware indicator
- hunt registry key: Get report IDs associated with a registry key
- hunt bitcoin address: Get report IDs associated with a bitcoin address
- get report: Get report details
- copy report: Copy a report to another enclave
- move report: Move a report to another enclave
- delete report: Delete a report
- submit report: Submit report to TruSTAR
- update report: Update a TruSTAR report
- safelist ioc: Add IOCs to the whitelist
- unsafelist ioc: Remove IOC from the whitelist
- list enclaves: List all the accessible enclaves in TruSTAR
- list emails: Get a list of emails submitted to Phishing Triage
- list indicators: Get a list of indictors found in phishing submissions
- triage email: Change the status of an email submission
Categories
Created By
Splunk Inc.
Source Code
Type
connector
Licensing
Splunk Answers
Resources
Login to report this app listing