Developing SOAR Playbooks

This 9 hour introductory course prepares IT and security practitioners to plan, design, create and debug basic playbooks for SOAR. Students will learn fundamentals of SOAR playbook capabilities, creation and testing. This course is a pre-requisite for the Advanced SOAR Implementation course.

Description

  • Automation best practices
  • The visual playbook editor
  • Creating automation and input playbooks
  • Using actions and decisions
  • Using action results
  • Testing and debugging playbooks
  • User interaction
  • Output formatting
  • Complex logic
  • Interacting with artifacts
  • Using files in a playbook
  • Custom lists
  • Data filtering

Cancellation Policy

Requests for cancellations or rescheduling of live instructor-led training must be received at least 5 business days prior to the start of class for a full refund. You agree to pay the full list price for each registered course (irrespective of the amount paid) for failing to cancel at least five working days prior to the course start date and/or failing to attend the complete course (all days).

Duration

9 Hours

How is this training usually structured?

Online training is typically structured in 3,4, or 4.5 hour long half-day sessions or 6-hour full-day sessions with an hour-long break for lunch.

Objectives

Module 1 – Introduction to Playbooks 

  • Understand automation best practices
  • Design playbooks
  • Python support
  • Use the playbook manager

Module 2 – Visual Playbook Editor 

  • Use the visual playbook editor
  • Use actions and decisions
  • Process action results
  • Test new playbooks

Module 3 – User Interaction and Logic 

  • Interact with users during playbook execution
  • Format outputs
  • Use decision blocks

Module 4 – Accessing and Formatting Data 

  • Accessing action results
  • Accessing artifact and container data
  • Formatting data

Module 5 – Modular Playbook Development 

  • Creating inpup playbooks
  • Calling other playbooks
  • Passing data between playbooks

Module 6 – Custom Lists and Filters

  • Custom list concepts
  • Create custom lists
  • Access lists from playbooks
  • Use filters

Prerequisites

To be successful, students should have a solid understanding of the following:

  • Familiarity with Python Programming

One of the Following:

  • Administering SOAR (preferred)
  • Using SOAR Video Courses

What happens when I register?

Once you register, we will send you a confirmation email that includes the information you will need to attend this training.

What is the price of this training?

This training is priced at $1000.00 USD per participant.

We accept payments by credit card (VISA, MasterCard, American Express, and Discover Card) or Training Credits. Note that ILT courses must start before the training credit expiration date. If you would like to pay by purchase order, please contact your account team for a quote.

What language is this class taught in?

This class is taught in English.

Where is the training taking place?

This training is taking place in AMER - Eastern Standard Time - Virtual.

Who is providing this training?

This class is being delivered by a Splunk ALP - ClearShark Services, Inc.