Spectra Analyze App for Splunk SOAR Installation Guide

Overview

This guide describes how to install and configure the ReversingLabs Spectra Analyze app for Splunk SOAR.

Prerequisites

Before you begin, ensure you have:

  1. A Splunk SOAR on-prem or Splunk SOAR Cloud instance, version 6.3 or 6.2
  2. Administrator access to your Splunk environment
  3. A valid splunk.com username and password
  4. A ReversingLabs Spectra Analyze URL
  5. A valid ReversingLabs Spectra Analyze API token

Installation Steps

  1. Log in to your Splunk SOAR instance as an administrator
  2. Navigate to "Apps"
  3. Select "New Apps"
  4. Enter "ReversingLabs" in the search box
  5. Click "Install" next to "ReversingLabs A1000 v2"

Splunk SOAR App installation screen with ReversingLabs A1000 v2

Configuration Steps

  1. Navigate to the "Unconfigured Apps" section
  2. Click "Configure New Asset"

Splunk SOAR Unconfigured Apps section with Configure New Asset button

  3. Enter a custom name for the asset
  4. Click "Asset Settings"
  5. Enter a valid Spectra Analyze URL in the "A1000 url" field
  6. Enter a valid Spectra Analyze API token in the "A1000 token" field

Splunk SOAR asset configuration form for A1000 Spectra Analyze connection

  7. Click the "Save" button
  8. Click the "Test Connectivity" button to validate the settings

Splunk SOAR asset configuration Save and Test Connectivity buttons