Find the latest version here: https://splunkbase.splunk.com/app/6347/.
From within Splunk SOAR, in the Apps UI, click the Install App button
Select the downloaded GreyNoise App bundle and click Install
The GreyNoise App will appear under the Unconfigured Apps menu. Select the Configure New Asset button. Give the asset a name and description.
Under the Asset Settings section, add a GreyNoise API key and configure a GNQL to use for the On Poll action.
A variety of actions can be run on-demand, including IP Reputation (Noise), RIOT Lookup and Community API Lookup.
In addition to the App, GreyNoise has also published playbooks that can help with common tasks. The playbooks can be downloaded from my.phantom.us and uploaded to your local phantom instance.
Updated 9 months ago