2/29/2024 0 Comments Splunk rest api referenceSet_action_limit is not supported from within a custom function. Before you can configure this integration, you must generate an ExtraHop REST API key and then add the key when you configure the ExtraHop Add-on for Splunk. Each phantom.act() call can still result in multiple actions performed, resulting in more actions than this setting. The default is 500 action calls per container per Playbook. Use set_action_limit in your playbook's on_start() block to set the maximum number of action calls that can be executed. bug("phantom returned status code ".format(indicator_tag_list))Īssert json.dumps(outputs) # Will raise an exception if the :outputs: object is not JSON-serializable # Using phantom.requests ensures the correct headers for authentication Indicator_tag_url = phantom.build_phantom_rest_url('indicator', indicator_id, 'tags') To see additional tutorials, including how to use the Splunk platform REST API with Splunk Cloud Platform, see the REST API Tutorials Manual. # phantom.build_phantom_rest_url will join positional arguments like you'd expect (with URL encoding) To see a list of available endpoints and operations for accessing, creating, updating, or deleting resources, see the REST API Reference Manual. Raise ValueError('indicator_id is a required parameter') Tags: The tags associated with the given indicator From the Main Menu, select Administration. Log in to Splunk Phantom as an administrative user. This user and any other automation type users are service accounts that provide access to the REST API with customizable restrictions. Returns a JSON-serializable object that implements the configured data paths: Use the automation user provided in Splunk Phantom by default to acquire an authorization token. Indicator_id: The ID of the indicator to list the tags for List the tags on the indicator with the given ID Def list_indicator_tags(indicator_id=None, **kwargs):
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |