Stealthwatch

Integration version: 7.0

Configure Stealthwatch integration in Google Security Operations SOAR

For detailed instructions on how to configure an integration in Google Security Operations SOAR, see Configure integrations.

Actions

Ping

Description

Test Connectivity.

Parameters

N/A

Use cases

N/A

Run On

This action runs on all entities.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result
Script Result Name Value Options Example
success True/False success:False
JSON Result
N/A

Search Events

Description

Get a hosts security events for a given time frame.

Parameters

Parameter Type Default Value Description
Time Frame String N/A Time frame in hours.

Use cases

N/A

Run On

This action runs on the IP Address entity.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result
Script Result Name Value Options Example
success True/False success:False
JSON Result
N/A

Search Flows

Description

Get flows by the IP address for a given time frame.

Parameters

Parameter Type Default Value Description
Time Frame String N/A Time frame in hours(e.g: 3).
Limit String N/A The limit of the received flow.

Use cases

N/A

Run On

This action runs on the IP Address entity.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result
Script Result Name Value Options Example
success True/False success:False
JSON Result
N/A