Skip to main content

Splunk Training + Certification

SOAR Application Development

Course Description

This 1.75 hour advanced course prepares IT and security practitioners to plan, design, create and debug basic applications for SOAR. Students will learn fundamentals of SOAR application capabilities, creation and testing.

eLearning with Labs

The best of both delivery methods. Self-paced eLearning videos accessible anytime, anywhere, plus access to the interactive lab environment to sharpen your skills.


Prerequisite Knowledge

To be successful, students should have a solid understanding of the following:

  • Experience programming in Python
  • Advanced SOAR (Phantom) Implementation, or equivalent experience

Course Topics

  • Introduction to SOAR applications
  • Application architecture
  • Best practices for application development
  • Building applications
  • Debugging applications

Course Objectives

Topic 1 – Introduction to SOAR Application Development
  • Understand SOAR application architecture
  • Examine application development documentation
  • Configure an environment to develop applications
  • Design applications
  • Use the App Wizard to start a new app development project
Topic 2 – Configure a New Application
  • List application dependencies and paths
  • Map application actions to python functions
  • Map application function results to data paths
  • Identify steps to compile an application
Topic 3 –Debugging and Output Mapping
  • Configure debugging environment variables
  • Create test JSON for debugging
  • Run applications in PuDB debugger
  • Install, configure and use the Web-PDB debugger
  • Map action results to data paths