SplunkEmailParser

Deprecated

Classifies an incident created from an email originating from Splunk. The mail type should be in plain text, and inline. The table should be selected. Parsing should be done in the following manner. The "type" is the header sourcetype, the "severity" is the mail importance level, the "incident name" is the mail subject and the systems are taken from the host.

Script Data

Name	Description
Script Type	javascript
Tags	splunk, ingestion

Dependencies

This script uses the following commands and scripts.

Inputs

Argument Name	Description
body	The content's (body) of the email.
subject	The subject of the email.

Outputs

There are no outputs for this script.

PAN-OS

Cortex Data Lake

Cortex XSOAR

PAN-OS

Cortex Data Lake

Cortex XSOAR

SplunkEmailParser

Deprecated

Script Data

Dependencies

Inputs

Outputs

PAN-OS

Cortex Data Lake

Cortex XSOAR

PAN-OS

Cortex Data Lake

Cortex XSOAR

Deprecated

Script Data#

Dependencies#

Inputs#

Outputs#

Script Data

Dependencies

Inputs

Outputs