trainocate-splunk-training-b
Home > Vendors > splunk > splk-devsoarpb

SPLK-DEVSOARPB - Developing SOAR Playbooks

Overview

Duration: 2.0 days

This 9 hour introductory course prepares IT and security practitioners to plan, design, create and debug basic playbooks for SOAR. Students will learn fundamentals of SOAR playbook capabilities, creation and testing. This course is a pre-requisite for the Advanced SOAR Implementation course. 

Objectives

Please refer to course overview.

Audience

Familiarity with Python Programming

Content

Module 1 – Introduction to Playbooks

  • Understand automation best practices
  • Design playbooks
  • Python support
  • Use the playbook manager

Module 2 – Visual Playbook Editor

  • Use the visual playbook editor
  • Use actions and decisions
  • Process action results
  • Test new playbooks

Module 3 – User Interaction and Logic

  • Interact with users during playbook execution
  • Format outputs
  • Use decision blocks

Module 4 – Accessing and Formatting Data

  • Accessing action results
  • Accessing artifact and container data
  • Formatting data

Module 5 – Modular Playbook Development

  • Creating inpup playbooks
  • Calling other playbooks
  • Passing data between playbooks

Module 6 – Custom Lists and Filters

  • Custom list concepts
  • Create custom lists
  • Access lists from playbooks
  • Use filters

Prerequisites

To be successful, students should have a solid understanding of the following:

  • Familiarity with Python Programming

One of the Following:

  • Administering SOAR (preferred)
  • Using SOAR Video Courses

Certification

Schedule




Enquire Now
 
 
 
 
By clicking "Submit", I agree to the Terms Of Use and Privacy Policy