The image shows a user interface of “splunk>phantom” with a search bar at the top, where a search for “Malware” has been initiated. The tabs labeled “Events,” “Indicators,” “Cases,” and “Tasks” suggest that the search functionality could span across various container fields within the Splunk SOAR environment. Typically, the search would include fields that are most relevant to the user’s query, which in this case, are likely to be the Event Name and Artifact Names. These fields are central to identifying and categorizing events and artifacts within Splunk SOAR, making them primary targets for a search term like “Malware” which is commonly associated with security events and indicators17.
References:
Understanding containers - Splunk Documentation
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit