[Splunk ES] Bi-Directional connectors for Splunk Enterprise Security #2960
Labels
feature: use for describing a new feature to develop
needs triage: use to identify issue needing triage from Filigran Product team
Use case
Splunk Enterprise Security users wish to integrate OpenCTI into this module, sending IOCs from OpenCTI to Splunk ES in the correct, supported KV stores in the ES module, and returning sightings and alerts via API into OpenCTI as Incidents.
Current Workaround
Not available
Proposed Solution
Develop dedicated connector
Additional Information
Would you be willing to submit a PR?
We strongly encourage you to submit a PR if you want and whenever you want. If your issue concerns a "Community-support" connector, your PR will probably be accepted after some review. If the connector is "Partner-support" or "Filigran-support", a dev team may take over but will base its work on your PR, speeding the process. It will be much appreciated.