Stealthwatch V6.10

Integration version: 3.0

Configure Stealthwatch V6.10 integration in Google Security Operations SOAR

For detailed instructions on how to configure an integration in Google Security Operations SOAR, see Configure integrations.

Actions

Ping

Description

Test Connectivity.

Parameters

N/A

Run On

This action runs on all entities.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result

Script Result Name	Value Options	Example
success	True/False	success:False

JSON Result

N/A

Search Events

Description

Get the security events from a host for a given time frame.

Parameters

Parameter	Type	Default Value	Description
Time Frame	String	N/A	Time frame in hours.

Run On

This action runs on the IP Address entity.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result

Script Result Name	Value Options	Example
success	True/False	success:False

JSON Result

N/A

Search Flows

Description

Get flows by an IP address for a given time frame.

Parameters

Parameter	Type	Default Value	Description
Time Frame	String	N/A	Time frame in hours(e.g: 3).
Limit	String	N/A	The limit of the received flow.

Run On

This action runs on the IP Address entity.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result

Script Result Name	Value Options	Example
success	True/False	success:False

JSON Result

N/A