SpectraAnalyze-EnrichFileHash
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
This playbook will enrich a Microsoft Sentinel incident with file hash information from a Spectra Analyze appliance. A comment will be added to the incident with details about the file.
| Attribute | Value |
|---|---|
| Type | Playbook |
| Solution | ReversingLabs |
| Source | View on GitHub |
Additional Documentation
📄 Source: SpectraAnalyze-EnrichFileHash/readme.md
Author: Aaron Hoffmann (ReversingLabs)
This playbook enriches file hash entities with information from a ReversingLabs Spectra Analyze (formerly A1000) appliance.
Prerequisites
You'll need the following: * A ReversingLabs Spectra Analyze Appliance URL * A Spectra Analyze API Token
Post-deployment
After deploying the template, you'll want to update the playbook connections with your Spectra Analyze API token.
Screenshots
References
- ReversingLabs content pack installation guide
- Video - How to install and configure the ReversingLabs content pack
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊