
Splunk Phantom apps provide a mechanism to extend the Splunk Phantom platform by adding connectivity to third-party security technologies in order to run actions. Given the broad set of technologies that can be orchestrated during a cyber response exercise, apps provide some relief in allowing users and partners to add their own custom functionality.

Splunk Phantom apps are developed by engineers knowledgeable in Python and modern web technologies. To develop a Splunk Phantom app, start with the app wizard:

The Splunk Phantom portal has all the videos of past App Development Webinars. View them to gain more insight and best practices.

Splunk Phantom apps are written in Python to create a bridge between the Splunk Phantom platform and other security devices and applications. Think of them as having two strict edges: One of the edges is given an action to be carried out on behalf of the Splunk Phantom platform. An app on the opposite edge converts the action into specific commands to communicate with its device or service. The results of these actions are read by the app and passed back to the Splunk Phantom platform. This simple design helps facilitate automated actions that are carried out by the Splunk Phantom platform on behalf of the user.

The first edge is implemented by a rich set of Python APIs that the platform exposes to the app developer through a base class.

Apps distributed by Splunk Phantom or third parties are transmitted as gzip archives that you can import into Splunk Phantom.

A Splunk Phantom app consists of a number of components.

Required to initialize and define a Python package.

JSON metadata that describes the app and functionality that the app provides.
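Because third-party apps arrive as gzip archives that are imported into the platform, it is worth reviewing an archive before import. The following is an added example, not code from Splunk or from the original page: it checks an archive in memory for the Python package file and parseable JSON metadata, and flags members that would unpack outside the archive root. It assumes the gzip archive wraps a tar file and that the package file is named `__init__.py` (neither is stated on the page); `inspect_app_archive`, `build_sample` and the sample file names are hypothetical.

```python
import io
import json
import tarfile

def inspect_app_archive(data: bytes) -> dict:
    """Review an app archive in memory, without unpacking it to disk."""
    report = {"has_init": False, "metadata": [], "problems": []}
    # Assumption: the gzip archive wraps a tar file (not stated on the page).
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:gz") as tar:
        for member in tar:
            parts = member.name.split("/")
            # Members that would be written outside the unpack directory.
            if member.name.startswith("/") or ".." in parts:
                report["problems"].append(f"path escapes root: {member.name}")
            # Links and device nodes have no place in a Python package.
            elif not (member.isfile() or member.isdir()):
                report["problems"].append(f"non-regular member: {member.name}")
            elif member.isfile() and parts[-1] == "__init__.py":
                report["has_init"] = True
            elif member.isfile() and parts[-1].endswith(".json"):
                try:
                    json.load(tar.extractfile(member))
                    report["metadata"].append(member.name)
                except ValueError:
                    report["problems"].append(f"invalid JSON: {member.name}")
    if not report["has_init"]:
        report["problems"].append("no __init__.py found")
    if not report["metadata"]:
        report["problems"].append("no parseable JSON metadata found")
    return report

def build_sample(files: dict, link: str = "") -> bytes:
    """Build a constructed sample archive in memory (test data only)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, content in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(content)
            tar.addfile(info, io.BytesIO(content))
        if link:
            entry = tarfile.TarInfo(link)
            entry.type, entry.linkname = tarfile.SYMTYPE, "../outside"
            tar.addfile(entry)
    return buf.getvalue()

# Constructed samples: a well-formed package and a malformed one.
GOOD = build_sample({"demo_app/__init__.py": b"", "demo_app/demo_app.json": b'{"name": "demo"}'})
BAD = build_sample({"../stray.py": b"x", "demo_app/demo_app.json": b"{oops"}, link="demo_app/link")
```

An empty `problems` list means only that the archive has the expected shape; the Python code inside still needs review before the app is imported.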
