Skip to main content

Spectra Analyze App for Splunk SOAR Installation Guide

Overview

This guide will describe the process of installing and configuring the ReversingLabs Spectra Analyze app for Splunk SOAR.

Prerequisites

Before you begin, ensure you have:

  1. A Splunk SOAR on-prem or Splunk SOAR Cloud instance versions 6.3 or 6.2
  2. Administrator access to your Splunk environment
  3. A valid splunk.com username and password
  4. A ReversingLabs Spectra Analyze URL
  5. A valid ReversingLabs Spectra Analyze API token

Installation Steps

  1. Log in to your Splunk SOAR instance as an administrator
  2. Navigate to "Apps"
  3. Click on "New Apps"
  4. Enter "ReversingLabs" in the search box
  5. Click "Install" next to "ReversingLabs A1000 v2"

alt text

Configuration Steps

  1. Navigate to the "Unconfigured Apps" section
  2. Click "Configure New Asset"

alt text

  1. Enter a custom name for the asset
  2. Click "Asset Settings"
  3. Enter a valid Spectra Analyze URL in the "A1000 url" field
  4. Enter a valid Spectra Analyze API token in the "A1000 token" field

alt text

  1. Click the "Save" button"
  2. Click the "Test Connectivity" button to validate the settings

alt text