Overview of cases - Splunk Documentation (2024)

logo

Support
Support Portal
Submit a case ticket
Splunk Answers
Ask Splunk experts questions
Support Programs
Find support service offerings
System Status

Contact Us
Contact our customer support
Product Security Updates
Keep your data secure
System Status
Click User Account
- Login
- Sign Up

logo

Products
Product Overview
A data platform built for expansive data access, powerful analytics and automation

Learn more
MORE FROM SPLUNK

Pricing
Platform
Splunk Cloud Platform
Cloud-powered insights for petabyte-scale data analytics across the hybrid cloud
Splunk Enterprise
Search, analysis and visualization for actionable insights from all of your data

Security
Splunk Enterprise Security

Analytics-driven SIEM to quickly detect and respond to threats

Splunk SOAR

Security orchestration, automation and response to supercharge your SOC

Observability

Splunk Infrastructure Monitoring

Instant visibility and accurate alerts for improved hybrid cloud performance

Splunk Application Performance Monitoring

Full-fidelity tracing and always-on profiling to enhance app performance

Splunk IT Service Intelligence

AIOps, incident intelligence and full visibility to ensure service performance

View all products
Solutions
KEY INItiatives
Cloud Transformation
Transform your business in the cloud with Splunk
Business Resilience
Build resilience to meet today’s unpredictable business challenges
Digital Customer Experience
Deliver the innovative and seamless experiences your customers expect
by Use Case

Advanced Threat Detection

Application Modernization

Cloud Migration

IT Modernization

BY TECHNOLOGY

AWS

Azure

GCP

Kubernetes

OpenTelemetry

SAP

BY INDUSTRY

Financial Services

Healthcare

Higher Education

Public Sector

View All Solutions
Why Splunk?
Why Splunk?
Bring data to every question, decision and action across your organization.

Learn More
Customer Stories

See why organizations around the world trust Splunk.

Partners

Accelerate value with our powerful partner ecosystem.

Learn how we support change for customers and communities.
Resources
MORE FROM SPLUNK
Resources
Explore e-books, white papers and more.
Events
Join us at an event near you.
Blogs
See what Splunk is doing.
GET STARTED
Splunk Lantern
Splunk experts provide clear and actionable guidance.
Customer Success
Customer success starts with data success.
Get Started With Splunk
Learn how to use Splunk.
Data Insider
Read focused primers on disruptive technology topics.
become an expert

Become a certified Splunk Expert.
Documentation
Find answers about how to use Splunk.
User Groups
Meet Splunk enthusiasts in your area.
Community
Share knowledge and inspiration.
SURGe
Access timely security research and guidance.
Expand & optimize

It’s easy to get the help you need.
Splunkbase
See Splunk’s 1,000+ Apps and Add-ons.
Splunk Dev
Create your own Splunk Apps.
Splexicon

Support
Support Portal
Submit a case ticket
Splunk Answers
Ask Splunk experts questions
Support Programs
Find support service offerings
System Status

View detailed status

Contact Us
Contact our customer support
Product Security Updates
Keep your data secure
Click Search Help
Click User Account
- Login
- Sign Up

Click Search Help

Splunk^® SOAR (Cloud)

Use Splunk SOAR (Cloud)

Introduction

About
Access Account Settings

Get started using Splunk SOAR (Cloud)

Start with Investigation in
Manage the status, severity, and resolution of events in
Approve actions before they run in
Mark files and events as evidence in
View recommended playbooks, actions, and mission experts for resolving an event
Create, sort, and filter notes in
Search within
View the list of configured playbooks in
Create Executive Summary reports and view all reports in
Create custom lists for use in playbooks

Manage cases in Splunk SOAR (Cloud)

Create and investigate containers
Overview of cases
Create cases in
Add objects to a case in
Define a workflow in a case using workbooks in
Create case reports to download and share in

Documentation
Splunk® SOAR (Cloud)
Use Splunk SOAR (Cloud)
Overview of cases

Introduction

About
Access Account Settings

Get started using Splunk SOAR (Cloud)

Start with Investigation in
Manage the status, severity, and resolution of events in
Approve actions before they run in
Mark files and events as evidence in
View recommended playbooks, actions, and mission experts for resolving an event
Create, sort, and filter notes in
Search within
View the list of configured playbooks in
Create Executive Summary reports and view all reports in
Create custom lists for use in playbooks

Manage cases in Splunk SOAR (Cloud)

Create and investigate containers
Overview of cases
Create cases in
Add objects to a case in
Define a workflow in a case using workbooks in
Create case reports to download and share in

Overview of cases - Splunk Documentation (2024)

Support Portal

Splunk Answers

Support Programs

System Status

Contact Us

Product Security Updates

System Status

Pricing

Splunk Cloud Platform

Splunk Enterprise

Splunk Enterprise Security

Splunk SOAR

Splunk Infrastructure Monitoring

Splunk Application Performance Monitoring

Splunk IT Service Intelligence

Cloud Transformation

Business Resilience

Digital Customer Experience

Advanced Threat Detection

Application Modernization

Cloud Migration

IT Modernization

AWS

Azure

GCP

Kubernetes

OpenTelemetry

SAP

Financial Services

Healthcare

Higher Education

Public Sector

Customer Stories

Partners

Splunk Lantern

Customer Success

Get Started With Splunk

Data Insider

Documentation

User Groups

Community

SURGe

Splunkbase

Splunk Dev

Support Portal

Splunk Answers

Support Programs

System Status

Contact Us

Product Security Updates

Introduction

Get started using Splunk SOAR (Cloud)

Manage cases in Splunk SOAR (Cloud)

Related answers from Splunk Community