Description Leverages Splunk technologies to determine if a .eml or .msg file in the vault is malicious, whether or not it contained suspect URLs or Files, and who may have interacted with the IoCs (email, URLs, or Files). Type: Investigation Date: 2023-12-23 Author: Kelby Shelton, Splunk ID: c69e3310-a819-4d16-a615-348fa8d88b0b How To Implement Ensure the four input playbooks are loaded onto the system. The input playbooks are designed to be swappable within the same category (e.
