Question 1

How to contribute a playbook to the Splunk SOAR community repository?

Accepted Answer

Clone the repo, export the playbook from Splunk SOAR, unpack the .tgz file, add it to the playbooks folder with a PNG screenshot, and open a pull request. Automated tests must pass before a maintainer reviews it, as per the contribution steps.

Question 2

Splunk SOAR community playbooks vs building custom ones: which is better?

Accepted Answer

Community playbooks save time with pre-built, tested workflows for common tasks, but for highly specific or proprietary processes, custom playbooks are necessary. The choice depends on your security needs and customization requirements.

Question 3

How do I update playbooks from the community repo in my Splunk SOAR instance?

Accepted Answer

Use the 'Update from source control' button on the playbook listing page in Splunk SOAR, which automatically syncs with the version-matched branch of this repository, ensuring compatibility without manual intervention.

Question 4

Are Splunk SOAR community playbooks free to use?

Accepted Answer

Yes, the playbooks are open-source and free, but they require a valid Splunk SOAR license to deploy and run within the platform, so there's no additional cost for the content itself.

Question 5

What versions of Splunk SOAR are supported by this repository?

Accepted Answer

It supports multiple versions through branches, like 6.3, 5.4, and 4.10, as mentioned in the README. Your instance syncs with the matching branch, but older versions may have limited or outdated playbooks.

Question 6

How to troubleshoot failed automated tests when contributing a playbook?

Accepted Answer

Review the test output for errors, ensure your playbook follows Splunk SOAR syntax and dependencies, and make necessary adjustments. The contribution process requires resolving test issues before submission.

Phantom Community Playbooks

What is Phantom Community Playbooks?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions