To set up Carbon Black Cloud Playbooks for Splunk SOAR, perform the following procedure.

Prerequisites

Read the Splunk SOAR documentation on how to access the source control settings in Splunk SOAR.

Procedure

1. On the Administer Splunk SOAR (On-premises) page, follow the steps in the Set up a playbook repository using HTTP, HTTPS, or Git section to set up the GIT repository.
   1. For Repo URL, enter https://github.com/carbonblack/splunk-soar-content.git.
   2. For Branch Name, enter main.
   3. Leave both Username and Password or access token blank.
   4. For Repo name, enter cbc-playbooks.
   5. Click Save.
2. Click the Update from source control button and select your new Repo entry from the Source to update from dropdown menu.
3. Type the name of the playbook (CBC Alerts) in the search bar below the dropdown menu.