Welcome to the new Splunkbase! To return to the old Splunkbase, .
Collections
Apps
Submit an app
Attivo app icon

Attivo

Interact with Attivo BOTsink

Built by
soar product badge
Latest Version 1.0.0
September 17, 2021
Compatibility
Not Available
Platform Version: 5.5, 5.4, 5.3, 5.2, 5.1, 5.0, 4.10, 4.9, 4.8, 4.7, 4.6, 4.5, 4.2, 4.1, 4.0
Rating

0

(0)

Log in to rate this app
Support
Attivo support icon
Not Supported
Ranking

#2

in Network Security
Interact with Attivo BOTsink

Supported Actions

  • test connectivity: Validate the asset configuration for connectivity using supplied configuration
  • on poll: Ingest alerts from the Attivo BOTsink
  • get events: Pull Attivo events based on source IP and timeframe
  • check user: Verify whether a user is Deceptive
  • check host: Verify whether a host is Deceptive
  • list hosts: List all deceptive hosts (network decoys) on the Attivo BOTsink
  • list users: List all deceptive users on the Attivo BOTsink
  • list playbooks: List all configured playbooks on the Attivo BOTsink
  • run playbook: Run a preconfigured Playbook on the Attivo BOTsink
  • deploy decoy: Bring up a network decoy system

Categories

Created By

srv-stage-community

Source Code

Type

connector

Licensing

Splunk Answers

Resources

Log in to report this app listing