- Automation Management
- Automation Management Permissions
- Automation Management Playbooks
- Automation Management Playbook Triggers
- Pre-Built Automation Management Playbooks
- Automation Management Advanced Playbooks
- Automation Management Rule-Based Playbooks
- Filter Automation Management Playbooks
- Find Automation Management Playbooks
- Enable or Disable an Automation Management Playbook
- Reorder an Automation Management Playbook
- Delete an Automation Management Playbook
- Automation Management Services
- Automation Management Actions
- Create an Automation Management Action
- Clone an Automation Management Action
- Edit an Automation Management Action
- Deploy an Automation Management Action
- Preview Automation Management Action Code
- View Automation Management Action Version History
- View Automation Management Action Audit Log
- Refresh Automation Management Action List
Pre-built services are services that are already configured and enabled by default. They're listed along other services in Automation Management. There is one pre-built playbook, the threatcenter service.
The threatcenter service integrates Automation Management with Threat Center. It has eight actions:
No op – Logs the message No operation performed.
Update Alert – Updates the associated Exabeam use cases, tags, priority, and MITRE ATT&CK® tactics and techniques of an alert with a given alert ID.[2]
Update Case – Updates the associated Exabeam use cases, tags, priority, ATT&CK tactics and techniques, stage, closed reason if the stage is changed to Closed, queue, and assignee of a case with a given case ID.
Alert: Send Email – Sends information about an alert with a given alert ID to a list of email addresses.
Alert: Send Webhook – Sends information about an alert with a given alert ID to a list of webhook IDS.
Case: Send Email – Sends information about a case with a given case ID to a list of email addresses.
Case: Send Webhook – Sends information about a case with a given case ID to a list of webhook IDs.
Create Case – Manually creates a case given a case ID and associated Exabeam use cases, tags, priority, ATT&CK tactics and techniques, stage, closed reason if the stage is Closed, queue, and assignee.
If you don't want to use a pre-built service, create your own service.
[2] MITRE ATT&CK and ATT&CK are trademarks of The MITRE Corporation ("MITRE"). Exabeam is not affiliated with or sponsored or endorsed by MITRE. Nothing herein is a representation of the views or opinions of MITRE or its personnel.