Stealthwatch

Integration version: 7.0

Configure Stealthwatch integration in Google Security Operations SOAR

For detailed instructions on how to configure an integration in Google Security Operations SOAR, see Configure integrations.

Actions

Ping

Description

Test Connectivity.

Parameters

N/A

Use cases

N/A

Run On

This action runs on all entities.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result

Script Result Name	Value Options	Example
success	True/False	success:False

JSON Result

N/A

Search Events

Description

Get a hosts security events for a given time frame.

Parameters

Parameter	Type	Default Value	Description
Time Frame	String	N/A	Time frame in hours.

Use cases

N/A

Run On

This action runs on the IP Address entity.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result

Script Result Name	Value Options	Example
success	True/False	success:False

JSON Result

N/A

Search Flows

Description

Get flows by the IP address for a given time frame.

Parameters

Parameter	Type	Default Value	Description
Time Frame	String	N/A	Time frame in hours(e.g: 3).
Limit	String	N/A	The limit of the received flow.

Use cases

N/A

Run On

This action runs on the IP Address entity.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result

Script Result Name	Value Options	Example
success	True/False	success:False

JSON Result

N/A

Need more help? Get answers from Community members and Google SecOps professionals.