Stealthwatch
Integration version: 5.0
Configure Stealthwatch integration in Google Security Operations SOAR
For detailed instructions on how to configure an integration in Google Security Operations SOAR, see Configure integrations.
Actions
Ping
Description
Test Connectivity.
Parameters
N/A
Use cases
N/A
Run On
This action runs on all entities.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| success | True/False | success:False |
JSON Result
N/A
Search Events
Description
Get a hosts security events for a given time frame.
Parameters
| Parameter | Type | Default Value | Description |
|---|---|---|---|
| Time Frame | String | N/A | Time frame in hours. |
Use cases
N/A
Run On
This action runs on the IP Address entity.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| success | True/False | success:False |
JSON Result
N/A
Search Flows
Description
Get flows by the IP address for a given time frame.
Parameters
| Parameter | Type | Default Value | Description |
|---|---|---|---|
| Time Frame | String | N/A | Time frame in hours(e.g: 3). |
| Limit | String | N/A | The limit of the received flow. |
Use cases
N/A
Run On
This action runs on the IP Address entity.
Action Results
Entity Enrichment
N/A
Insights
N/A
Script Result
| Script Result Name | Value Options | Example |
|---|---|---|
| success | True/False | success:False |
JSON Result
N/A