Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/phantomcyber/playbooks
Phantom Community Playbooks
https://github.com/phantomcyber/playbooks
Last synced: 4 months ago
JSON representation
Phantom Community Playbooks
- Host: GitHub
- URL: https://github.com/phantomcyber/playbooks
- Owner: phantomcyber
- License: apache-2.0
- Created: 2015-08-31T22:35:12.000Z (almost 9 years ago)
- Default Branch: 6.2
- Last Pushed: 2024-01-05T22:05:42.000Z (6 months ago)
- Last Synced: 2024-01-06T23:56:03.418Z (6 months ago)
- Language: Python
- Homepage:
- Size: 48.1 MB
- Stars: 436
- Watchers: 63
- Forks: 188
- Open Issues: 12
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Lists
- Awesome-SOAR - Playbooks Automation components by Phantom
- awesome-incident-response - Phantom Community Playbooks - Phantom Community Playbooks for Splunk but also customizable for other use. (IR Tools Collection / Playbooks)
- awesome-incident-response - Phantom Community Playbooks - Phantom Community Playbooks for Splunk but also customizable for other use. (IR Tools Collection / Playbooks)
- awesome-splunk-phantom - Official Community Playbooks
- awesome-incident-response - Phantom Community Playbooks - Phantom Community Playbooks for Splunk but also customizable for other use. (IR Tools Collection / Playbooks)
- fucking-awesome-incident-response - Phantom Community Playbooks - Phantom Community Playbooks for Splunk but also customizable for other use. (IR Tools Collection / Playbooks)
README
# Community Playbooks
>**NOTICE**: This repo will be decommissioned in the future and will migrate content to Splunk's [GitHub](https://github.com/splunk). We have paused external submissions until the migration is completed. There will be no content interruption to Splunk SOAR customers.
This is the 6.0 branch of the Splunk SOAR Community Playbooks repository, which contains the default initial playbooks and custom functions for each Splunk SOAR instance. Splunk SOAR was previously known as Phantom. If you are using an older version of Splunk SOAR (or Phantom) then your instance will synchronize with an older branch of this repository such as [5.4](https://github.com/phantomcyber/playbooks/tree/5.4) or [4.10](https://github.com/phantomcyber/playbooks/tree/4.10)
The Splunk SOAR platform automatically links to the branch of this repository that matches the running Splunk SOAR version. By default this repository is named **community**, which can be selected as the **Repo** filter to only display these playbooks and custom functions. You can update your content with the **Update from source control** button on the playbook listing page.