From d96c007467fea5e61266f48372aca31d820b4fb4 Mon Sep 17 00:00:00 2001 From: root Date: Mon, 13 Nov 2023 22:37:18 -0800 Subject: [PATCH] Release notes for version 1.0.1 --- README.md | 51 ++++++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 46 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 19e148a..20f7571 100644 --- a/README.md +++ b/README.md 
@@ -10,15 +10,56 @@ Minimum Product Version: 6.1.1.211 This app will interact with SEKOIA.IO -# Splunk> Phantom +[comment]: # "File: README.md" +[comment]: # "Copyright (c) 2023 SEKOIA.IO" +[comment]: # "" +[comment]: # "Licensed under the Apache License, Version 2.0 (the 'License');" +[comment]: # "you may not use this file except in compliance with the License." +[comment]: # "You may obtain a copy of the License at" +[comment]: # "" +[comment]: # " http://www.apache.org/licenses/LICENSE-2.0" +[comment]: # "" +[comment]: # "Unless required by applicable law or agreed to in writing, software distributed under" +[comment]: # "the License is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND," +[comment]: # "either express or implied. See the License for the specific language governing permissions" +[comment]: # "and limitations under the License." +[comment]: # "" +# Sekoia.io actions +## Purpose -Welcome to the open-source repository for Splunk> Phantom's sekoiaio App. +Develop a Splunk SOAR App that interact with [SEKOIA.IO](http://SEKOIA.IO) CTI. -Please have a look at our [Contributing Guide](https://github.com/Splunk-SOAR-Apps/.github/blob/main/.github/CONTRIBUTING.md) if you are interested in contributing, raising issues, or learning more about open-source Phantom apps. +## Authentication -## Legal and License +To interact with the [SEKOIA.IO](http://SEKOIA.IO) API, use an API key. -This Phantom App is licensed under the Apache 2.0 license. Please see our [Contributing Guide](https://github.com/Splunk-SOAR-Apps/.github/blob/main/.github/CONTRIBUTING.md#legal-notice) for further details. 
+see [this documentation](https://docs.sekoia.io/cti/features/integrations/api/) for more information + +## Actions + +The App should implement the following actions + +### Get indicator + +This action allow the user to get an indicator according to some criteria + +### Get indicator Context + +Create an action that allow the user to get the context of an indicator + +### Get Observable + +Create an action that allow the user to get an observable according to some criteria + +## Port Information + +The app uses HTTP/ HTTPS protocol for communicating with the Sekoiaio api. Below are the default +ports used by Splunk SOAR. + +|         Service Name | Transport Protocol | Port | +|----------------------|--------------------|------| +|         http | tcp | 80 | +|         https | tcp | 443 | ### Configuration Variables
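Review bot: The added "Port Information" table lists `http` on tcp/80 next to `https` on tcp/443, while the new "Authentication" section says the app authenticates to the API with an API key. If the app only ever calls the API over TLS, drop the `http` row and change "HTTP/ HTTPS protocol" to "HTTPS", so the README does not suggest that the key may travel in cleartext or that port 80 needs to be opened. For the same reason, the `[SEKOIA.IO](http://SEKOIA.IO)` link targets in "Purpose" and "Authentication" would be better as https URLs. Separately, the "Purpose" and "Actions" text reads like a task specification rather than a description of the app ("Develop a Splunk SOAR App that interact", "The App should implement the following actions", "Create an action that allow the user"). Reword it in the present tense to describe what each action does, fixing "interact" to "interacts" and "allow" to "allows". The hunk also removes the "Legal and License" section and the Contributing Guide links. The commit subject ("Release notes for version 1.0.1") does not mention that, so please confirm the removal is intended.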