Using Phishing Triage with SIEM Tools

Updated 1 week ago by Elvis Hovor

You can connect the Phishing Indicators Enclave in the Phishing Triage feature to your SIEM tools and workflows.

Splunk ES

In the TruSTAR support document for Splunk ES, go to the Creating Inputs to Splunk ES section and follow the steps to connect the Phishing Indicators Enclave to your Splunk ES installation. 

LogRhythm

In the TruSTAR support document for LogRhythm, follow the steps in Configuring the TAXII Client to connect the Phishing Indicators Enclave to your LogRhythm installation.

IBM QRadar

In the TruSTAR support document for IBM QRadar, follow the steps to connect the Phishing Indicators Enclave to your IBM QRadar installation.


How Did We Do?