Under Repo URL put https://github.com/carbonblack/splunk-soar-content.git
Under Branch Name put main
Leave both Username and Password or access token blank
Under Repo name put cbc-playbooks and click Save
Click the "Update from source control" button and choose your new Repo entry from the Source to update from drop-down.
Type the name of the playbook (CBC Alerts) in the search bar below the drop-down menu.
Playbooks
The Carbon Black Cloud Alert Playbook strings together various actions to help you automate the orchestration and remediation of alerts in Carbon Black Cloud from within Splunk SOAR. There are basic actions for managing alerts and gathering endpoint information, and there are additional actions available per certain alert types.
