Stealthwatch V6.10

Integration version: 4.0

Configure Stealthwatch V6.10 integration in Google Security Operations SOAR

For detailed instructions on how to configure an integration in Google Security Operations SOAR, see Configure integrations.

Actions

Ping

Description

Test Connectivity.

Parameters

N/A

Run On

This action runs on all entities.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result
Script Result Name Value Options Example
success True/False success:False
JSON Result
N/A

Search Events

Description

Get the security events from a host for a given time frame.

Parameters

Parameter Type Default Value Description
Time Frame String N/A Time frame in hours.

Run On

This action runs on the IP Address entity.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result
Script Result Name Value Options Example
success True/False success:False
JSON Result
N/A

Search Flows

Description

Get flows by an IP address for a given time frame.

Parameters

Parameter Type Default Value Description
Time Frame String N/A Time frame in hours(e.g: 3).
Limit String N/A The limit of the received flow.

Run On

This action runs on the IP Address entity.

Action Results

Entity Enrichment

N/A

Insights

N/A

Script Result
Script Result Name Value Options Example
success True/False success:False
JSON Result
N/A