Splunk

Splunk Enterprise Security API

The Splunk Enterprise Security API provides REST endpoints for accessing and modifying findings, investigations, risk scores, assets, and identities in Splunk Enterprise Security. It includes an OpenAPI specification for download.

GitHub

Documentation

📖
Documentation
https://help.splunk.com/en/splunk-enterprise-security-8/api-reference
📖
APIReference
https://help.splunk.com/en/splunk-enterprise-security-8/rest-api-reference
📖
GettingStarted
https://dev.splunk.com/enterprise/docs/devtools/enterprisesecurity
📖
APIReference
Threat Intelligence API
📖
Documentation
Threat Intelligence Framework