Energy SOAR User Guide

• Overview
  • About
    • Components

• Energy SOAR installation guide
  • Install

• Architecture
  • Logical architecture

• Configuration
  • Cortex
    • Database
    • Analyzers and Responders
    • Authentication
    • OAuth2/OpenID Connect
    • Performance
    • Analyzer Results
    • Streaming (a.k.a The Flow)
    • Entity Size Limit
    • HTTPS
  • TheHive
    • secret.conf file
    • License
    • Listen address & port
    • Context
    • Specific configuration for streams
    • Manage content lengh
    • Manage configuration files
  • SSL
  • Change system language

• User guide
  • Administration
    • Manage analyzer template
      • List analyzer templates
      • Import analyzer templates
    • User Profiles management
      • Permissions
      • Profiles
      • Observable types
    • Kill user session
  • Reports
    • Create and edit
    • List
  • Alerts
  • Responders
    • Responders list
  • Analyzers
    • Analyzers list
  • Cases
    • Observables
      • How to add observables into Case
  • Organisation
  • Reports
  • Workflows
    • Crate your first workflow
      • Automate Incident Reporting with Typeform
    • Connection
      • Example
    • Workflows List
    • Credentials
    • Executions
    • Node
      • Core nodes
      • Regular nodes
        • Example
      • Trigger nodes
      • Node settings
        • Operations
        • Parameters
        • Settings
    • Workflow integration nodes

• Operations

• Integrations
  • Energy Logserver SIEM

• API
  • Base API Guide
    • Authentication
      • Using API key
      • Using basic authentication
    • Alert
      • Model definition
      • Alert Manipulation
        • Alert methods
        • Get an alert
        • Create an alert
        • Merge an alert
        • Bulk merge alert
    • Observable
      • Model definition
      • Observable manipulation
        • Observable methods
        • List Observables of a Case
    • Case
      • Model definition
      • Case Manipulation
        • Case methods
        • Create a Case
    • Log
      • Model definition
      • Log manipulation
        • Log methods
        • Create a log
    • Task
      • Model definition
      • Task manipulation
        • Task methods
        • Create a task
    • Base module Model Definition
      • Field Types
      • Common Attributes
    • Request formats
      • Query String
      • URL-encoded Form
      • JSON
      • Multi-part
      • Response Format
    • User
      • Model definition
      • User Manipulation
        • User methods
        • Create a User
  • Automation API Guide
    • Introduction
      • Request & Response Formats
        • Query String
        • URL-encoded Form
        • JSON
        • Multi-part
        • Response Format
      • Authentication
        • Generating API Keys with an orgAdmin Account
        • Generating API Keys with a superAdmin Account
        • Authenticating with an API Key
        • Using Basic Authentication
    • Organization APIs
      • Organization Model
      • List
      • Create
      • Update
      • Delete
      • Obtain Details
      • List Users
      • List Enabled Analyzers
    • User APIs
      • User Model
      • List All
      • List Users within an Organization
      • Search
      • Create
      • Update
      • Get Details
      • Set a Password
      • Change a password
      • Set and Renew an API Key
      • Get an API Key
      • Revoke an API Key
    • Job APIs
      • Job Model
      • List and Search
      • Get Details
      • Get Details and Report
      • Wait and Get Job Report
      • Get Artifacts
      • Delete
    • Analyzer APIs
      • Analyzer Model
      • Enable
      • List and Search
      • Get Details
      • Get By Type
      • Update
      • Run
      • Disable
    • Miscellaneous APIs
      • Paging and Sorting