![]() ![]() It's a discounted offering including all the modules required for this path. Please Note: This is a Learning Path and NOT a course. This certification demonstrates an individual's knowledge and skills in installing and configuring a SOAR server and integrating it with Splunk, as well as planning, designing, creating, and debugging playbooks. These highly skilled individuals are proficient in complex SOAR solution development, and can integrate SOAR with Splunk as well as develop playbooks requiring custom coding and REST API usage. Software-Defined Wide Area Network (SD-WAN)Ī Splunk SOAR Certified Automation Developer* installs, configures, and uses SOAR (formerly Phantom) servers and plans, designs, creates, and debugs basic playbooks for SOAR.Used to locate group data in the SAML assertion, treated as a mapping object, e.g. Not required only if the FQDN has been set in Company Settings.įlag indicating if SSL is required (defaults to FALSE). Users will be redirected here for login when using SAML2.īase URL for the Phantom instance. URL used to gain user consent/authorization from the identity provider. This is used for out-of-band configuration. The XML containing the SAML provider metadata. This is the preferred method of obtaining provider metadata since it should always be up-to-date. The issuer ID (URI) given by your provider SAML2 providers are modified with the following keys. The "group" key should contain the name of the LDAP group that translates to the Phantom group The "role" key should contain the numeric ID of the Phantom role. The "external_attr" key should contain the name of the LDAP attribute used to populate the django attribute.Įach entry of the array should contain two key-value pairs. The "django_attr" key should have one of the following values. Requires the test_username to be set.Įach entry of the array should contain two key-value pairs. Used to verify the test_username is in the expected group. Username for testing LDAP access and queries. Required if using Cyberark as a credential manager. Identifies the Safe that contains the credentails in Cyberark. Path for identifying the password in the credential manager. Key for identifying the password in the credential manager. Required if not using a credential manager to store your password.įlag indicating if the service account password should be retrieved from the credential manager. The password for the service account used to query the provider. If set to true, will only connect using ldaps. Username for the service account used to query the provider. ID of the provider, this should be a GUID-like entry.įlag indicating if the provider is enabled. Type of provider, should match the section. The name of the provider configuration entry. LDAP providers are modified with the following keys. Type should match the name of the section. Partial updates are not supported.Įach section is modified with the following keys at the top level.įlag indicating if this section is enabled (applies to all of each ldap/saml2/openid sections).Īn array of the provider configurations. The entirety of "auth_settings" must be submitted in a single post. Possible keys are:Ī complex data structure containing all authentication providers. ![]() Key-value pairs indicating which audit trail sections should be enabled. Audit trail settings and authentication providers are modified with the following parameters. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |