ExtraHop - Default

Handles ticket tracking as well as triggeres specific playbooks based on the name of the ExtraHop Detection. Default playbook to run for all ExtraHop Detection incidents.

Dependencies

This playbook uses the following sub-playbooks, integrations, and scripts.

Sub-playbooks

  • ExtraHop - Ticket Tracking
  • ExtraHop - CVE-2019-0708 (BlueKeep)

Integrations

This playbook does not use any integrations.

Scripts

  • Exists

Commands

This playbook does not use any commands.

Playbook Inputs


There are no inputs for this playbook.

Playbook Outputs


PathDescriptionType
CVEThe details on the CVE.unknown
ExtraHop.DeviceThe details on the host and any peer devices found.unknown
ExtraHop.ActivityMapThe link to a visual activity map in ExtraHop.string
ExtraHop.Record.SourceThe associated transaction records from ExtraHop.unknown

Playbook Image


ExtraHop_Default