Welcome to Splunk SOAR (On-premises) 6.3.1
The Splunk SOAR (On-premises) platform combines security infrastructure orchestration, playbook automation, and case management capabilities to integrate your team, processes, and tools to help you orchestrate security workflows, automate repetitive security tasks, and quickly respond to threats.
If you are new to Splunk SOAR (On-premises), read About Splunk SOAR (On-premises) in the Use Splunk SOAR (On-premises) manual to learn how you can use Splunk SOAR (On-premises) for security automation.
If your Splunk SOAR (On-premises) deployment uses the Splunk SOAR Automation Broker see see What's new in Splunk SOAR Automation Broker in the Set up and manage Splunk Automation Broker documentation.
November 13, 2024 Release 6.3.1
What's new in Splunk SOAR (On-premises)
This release of Splunk SOAR (On-premises) includes the following enhancements.
| Splunk idea | Feature | Description |
|---|---|---|
| PPSID-I-180, PPSID-I-483 | Guided automation | Introducing a new streamlined workflow for building playbooks. The new data preview panel overlays real incident and playbook data directly onto the playbook editor for faster, more accurate automation. For details, see Use Data Preview to build, test, and edit Splunk SOAR (On-premises) playbooks. |
| Playbook debugger and Python editor updates | The playbook debugger and Python editor have moved; they are now included as tabs in the new Data Preview panel. For details, see Use Data Preview to build, test, and edit Splunk SOAR (On-premises) playbooks. The Python editor now has additional functionality, including the ability to wrap lines of code, focus on a specific block, and view looping functionality for a specific block. For details, see View or edit the Python code in Splunk SOAR (On-premises) playbooks. | |
| Performance improvements | This release features up to a 2x improvement in automation throughput. Splunk SOAR (On-premises) can now handle more playbooks, custom functions, and actions simultaneously.* | |
| Deactivate dashboard widgets | You can now deactivate individual home dashboard widgets for all users. For details, see Manage dashboard widgets in Splunk SOAR (On-premises). | |
| Home menu Administration section reorganized | The Administration menu has been reworked.
For details, see the relevant sections of Administer Splunk SOAR (On-premises). | |
| New settings toggles | You can now toggle many features on or off from the reorganized Product Settings section of the Administration menu. Several new items have been added.
For details, see the relevant sections of Administer Splunk SOAR (On-premises). |
* Based on internal testing when compared with Splunk SOAR (Cloud) version 6.2.2. Results cited are for illustration. Performance depends on individual use, configuration, and other factors.
See also
- For known issues in this release, see Known issues for Splunk SOAR (On-premises).
- For fixed issues in this release, see Fixed issues for Splunk SOAR (On-premises).
- For release notes for the Splunk SOAR Automation Broker, see What's new in Splunk SOAR Automation Broker in the Set up and manage Splunk Automation Broker documentation.