{"id":8545,"date":"2024-09-12T07:47:09","date_gmt":"2024-09-12T07:47:09","guid":{"rendered":"\/cybersecurity-blog\/?p=8545"},"modified":"2025-08-14T11:10:05","modified_gmt":"2025-08-14T11:10:05","slug":"splunk-integration","status":"publish","type":"post","link":"https:\/\/any.run\/cybersecurity-blog\/splunk-integration\/","title":{"rendered":"ANY.RUN Now Integrates with Splunk!"},"content":{"rendered":"\n<p>We have some thrilling news to share with you today. Our team at <a href=\"https:\/\/any.run\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=splunk_integration&amp;utm_term=120924&amp;utm_content=linktolanding\" target=\"_blank\" rel=\"noreferrer noopener\">ANY.RUN<\/a> is happy to announce the launch of our <a href=\"https:\/\/splunkbase.splunk.com\/app\/7474\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">new integration with Splunk<\/a>!<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">How this integration benefits you&nbsp;<\/h2>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"787\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/\u0421\u043d\u0438\u043c\u043e\u043a-\u044d\u043a\u0440\u0430\u043d\u0430-2025-03-12-\u0432-12.17.40-1024x787.png\" alt=\"Official page of ANY.RUN\u2019s connector for Splunk\" class=\"wp-image-12113\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/\u0421\u043d\u0438\u043c\u043e\u043a-\u044d\u043a\u0440\u0430\u043d\u0430-2025-03-12-\u0432-12.17.40-1024x787.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/\u0421\u043d\u0438\u043c\u043e\u043a-\u044d\u043a\u0440\u0430\u043d\u0430-2025-03-12-\u0432-12.17.40-300x230.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/\u0421\u043d\u0438\u043c\u043e\u043a-\u044d\u043a\u0440\u0430\u043d\u0430-2025-03-12-\u0432-12.17.40-768x590.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/\u0421\u043d\u0438\u043c\u043e\u043a-\u044d\u043a\u0440\u0430\u043d\u0430-2025-03-12-\u0432-12.17.40-1536x1180.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/\u0421\u043d\u0438\u043c\u043e\u043a-\u044d\u043a\u0440\u0430\u043d\u0430-2025-03-12-\u0432-12.17.40-2048x1573.png 2048w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/\u0421\u043d\u0438\u043c\u043e\u043a-\u044d\u043a\u0440\u0430\u043d\u0430-2025-03-12-\u0432-12.17.40-370x284.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/\u0421\u043d\u0438\u043c\u043e\u043a-\u044d\u043a\u0440\u0430\u043d\u0430-2025-03-12-\u0432-12.17.40-270x207.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/\u0421\u043d\u0438\u043c\u043e\u043a-\u044d\u043a\u0440\u0430\u043d\u0430-2025-03-12-\u0432-12.17.40-740x569.png 740w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/\u0421\u043d\u0438\u043c\u043e\u043a-\u044d\u043a\u0440\u0430\u043d\u0430-2025-03-12-\u0432-12.17.40-80x60.png 80w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>Official page of ANY.RUN\u2019s connector for Splunk<\/em><\/figcaption><\/figure><\/div>\n\n\n<p>If you\u2019re a Splunk user, you can now leverage ANY.RUN&#8217;s <a href=\"https:\/\/any.run\/cybersecurity-blog\/interactive-malware-sandbox\/\" target=\"_blank\" rel=\"noreferrer noopener\">Interactive Sandbox<\/a> and <a href=\"https:\/\/any.run\/cybersecurity-blog\/introducing-any-run-threat-intelligence-lookup\/\" target=\"_blank\" rel=\"noreferrer noopener\">Threat Intelligence Lookup<\/a> directly from your Splunk SOAR environment.&nbsp;&nbsp;<\/p>\n\n\n\n<p>This means that you can analyze potentially malicious files and URLs in the <a href=\"https:\/\/app.any.run\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=splunk_integration&amp;utm_term=120924&amp;utm_content=linktoservice\" target=\"_blank\" rel=\"noreferrer noopener\">sandbox<\/a> and enrich your investigations with threat data from <a href=\"https:\/\/intelligence.any.run\/analysis\/lookup\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=splunk_integration&amp;utm_term=120924&amp;utm_content=linktolookup\" target=\"_blank\" rel=\"noreferrer noopener\">TI Lookup<\/a> without leaving the familiar Splunk interface.&nbsp;&nbsp;<\/p>\n\n\n\n<p>Our main goal with this integration is to give you more options and help you make the most out of ANY.RUN while working with familiar systems.&nbsp;&nbsp;<\/p>\n\n\n\n<p>The integration supports a wide range of actions, from simple reputation checks to full detonation and analysis of suspicious objects.&nbsp;&nbsp;<\/p>\n\n\n\n<!-- Regular Banner START -->\n<div class=\"regular-banner\">\n<!-- Text Content -->\n<p class=\"regular-banner__text\">\nIntegrate  <span class=\"highlight\">ANY.RUN solutions<\/span> in your organization&nbsp;\n<\/p>\n<!-- CTA Link -->\n<a class=\"regular-banner__link\" id=\"article-banner-regular\" href=\"https:\/\/app.any.run\/contact-us\/?utm_source=anyrunblog&#038;utm_medium=article&#038;utm_campaign=splunk_integration&#038;utm_term=120924&#038;utm_content=linktocontactus\/\" rel=\"noopener\" target=\"_blank\">\nContact Sales\n<\/a>\n<\/div>\n<!-- Regular Banner END -->\n<!-- Regular Banner Styles START -->\n\n<style>\n.regular-banner {\ndisplay: flex;\ntext-align: center;\nflex-direction: column;\nalign-items: center;\ngap: 1.5rem;\nwidth: 100%;\npadding: 2rem;\nmargin: 1.5rem 0;\nborder-radius: 0.5rem;\nfont-family: 'Catamaran Bold';\nmargin-inline: auto;\nbackground: rgba(32, 168, 241, 0.1);\nborder: 1px solid rgba(75, 174, 227, 0.32);\n}\n\n.regular-banner__text {\nfont-size: 1.5rem;\nmargin: 0;\n}\n\n.highlight {\ncolor: #ea2526;\n}\n\n.regular-banner__link {\npadding: 0.5rem 1.5rem;\nfont-weight: 500;\ntext-decoration: none;\nborder-radius: 0.5rem;\ncolor: #FFFFFF;\nbackground-color: #1491D4;\ntext-align: center;\ntransition: all 0.2s ease-in;\n}\n\n.regular-banner__link:hover {\nbackground-color: #68CBFF;\ncolor: white;\n}\n<\/style>\n<!-- Regular Banner Styles END -->\n\n\n\n<h2 class=\"wp-block-heading\">Key Features&nbsp;<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Comprehensive Threat Intelligence&nbsp;<\/h3>\n\n\n\n<p>The integration allows analysts to query ANY.RUN&#8217;s threat intelligence database directly from Splunk SOAR.&nbsp;<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"464\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image5-1024x464.png\" alt=\"\" class=\"wp-image-8820\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image5-1024x464.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image5-300x136.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image5-768x348.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image5-1536x696.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image5-2048x929.png 2048w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image5-370x168.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image5-270x122.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image5-740x336.png 740w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>Use the<\/em><strong><em> get intelligence<\/em><\/strong><em> action to query TI Lookup\u2019s database<\/em><\/figcaption><\/figure><\/div>\n\n\n<h3 class=\"wp-block-heading\">Automated Malware Analysis&nbsp;<\/h3>\n\n\n\n<p>One of the most powerful features of this integration is the ability to automatically detonate files and URLs in ANY.RUN&#8217;s sandbox.&nbsp;&nbsp;<\/p>\n\n\n\n<p>This process can be triggered as part of a Splunk SOAR playbook, allowing for analysis of attachments in phishing emails or suspicious downloads detected by network monitors. You can also access any analysis session you launch in the sandbox to perform manual actions or gain a deeper understanding of the threat.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"811\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image6-2-1024x811.png\" alt=\"\" class=\"wp-image-8821\" style=\"width:634px;height:502px\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image6-2-1024x811.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image6-2-300x238.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image6-2-768x608.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image6-2-370x293.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image6-2-270x214.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image6-2-740x586.png 740w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image6-2.png 1379w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>You can perform file analysis, collect IOCs, get IP reputation, and more<\/em><\/figcaption><\/figure><\/div>\n\n\n<h3 class=\"wp-block-heading\">Detailed Reporting and IOC Extraction&nbsp;<\/h3>\n\n\n\n<p>The &#8216;get report&#8217; action retrieves key analysis details, including the verdict on the sample\u2019s threat level. You can also see the rest of the analysis results by navigating to the corresponding part of the interface.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"458\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image4-1-1024x458.png\" alt=\"\" class=\"wp-image-8823\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image4-1-1024x458.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image4-1-300x134.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image4-1-768x344.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image4-1-1536x687.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image4-1-2048x916.png 2048w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image4-1-370x166.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image4-1-270x121.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image4-1-740x331.png 740w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>The interface lets you quickly see the verdict on the sample<\/em><\/figcaption><\/figure><\/div>\n\n\n<h3 class=\"wp-block-heading\">Advanced Threat Hunting&nbsp;<\/h3>\n\n\n\n<p>If you have ANY.RUN\u2019s TI License, you can use the &#8216;get intelligence&#8217; action to perform complex queries against ANY.RUN&#8217;s threat intelligence database.&nbsp;<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"814\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image3-1-1024x814.png\" alt=\"\" class=\"wp-image-8824\" style=\"width:618px;height:492px\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image3-1-1024x814.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image3-1-300x239.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image3-1-768x611.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image3-1-370x294.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image3-1-270x215.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image3-1-740x589.png 740w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image3-1.png 1368w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>Threat Intelligence Lookup lets you use dozens of search parameters<\/em><\/figcaption><\/figure><\/div>\n\n\n<p>Search for specific file hashes, IP addresses, domains, or even MITRE ATT&amp;CK techniques you uncover in previous analyses.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Real-World Application&nbsp;<\/h3>\n\n\n\n<p>Consider a scenario where a Splunk SOAR playbook is triggered by a potential phishing email.&nbsp;<\/p>\n\n\n\n<p>The playbook could automatically extract any URLs and attachments from the email, then use the &#8216;url reputation&#8217; action to check if the URLs have been previously analyzed by ANY.RUN.&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>For new or suspicious URLs, the playbook could use the &#8216;detonate url&#8217; action to analyze them in a sandbox environment.&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Similarly, for attachments, the &#8216;detonate file&#8217; action could be used to safely execute and analyze them.&nbsp;<\/li>\n<\/ul>\n\n\n\n<p>The playbook could then retrieve detailed reports and IOCs using the &#8216;get report&#8217; and &#8216;get iocs&#8217; actions.&nbsp;<\/p>\n\n\n\n<p>Finally, it could use the extracted IOCs to automatically update firewall rules, trigger endpoint scans, or create new detection rules in the SIEM.&nbsp;<\/p>\n\n\n\n<!-- Regular Banner START -->\n<div class=\"regular-banner\">\n<!-- Text Content -->\n<p class=\"regular-banner__text\">\nTest all features of  <span class=\"highlight\">ANY.RUN<\/span> <br>See how it can benefit your team&nbsp;\n<\/p>\n<!-- CTA Link -->\n<a class=\"regular-banner__link\" id=\"article-banner-regular\" href=\"https:\/\/any.run\/demo\/?utm_source=anyrunblog&#038;utm_medium=article&#038;utm_campaign=splunk_integration&#038;utm_term=120924&#038;utm_content=linktodemo\/\" rel=\"noopener\" target=\"_blank\">\nGet FREE trial\n<\/a>\n<\/div>\n<!-- Regular Banner END -->\n<!-- Regular Banner Styles START -->\n\n<style>\n.regular-banner {\ndisplay: flex;\ntext-align: center;\nflex-direction: column;\nalign-items: center;\ngap: 1.5rem;\nwidth: 100%;\npadding: 2rem;\nmargin: 1.5rem 0;\nborder-radius: 0.5rem;\nfont-family: 'Catamaran Bold';\nmargin-inline: auto;\nbackground: rgba(32, 168, 241, 0.1);\nborder: 1px solid rgba(75, 174, 227, 0.32);\n}\n\n.regular-banner__text {\nfont-size: 1.5rem;\nmargin: 0;\n}\n\n.highlight {\ncolor: #ea2526;\n}\n\n.regular-banner__link {\npadding: 0.5rem 1.5rem;\nfont-weight: 500;\ntext-decoration: none;\nborder-radius: 0.5rem;\ncolor: #FFFFFF;\nbackground-color: #1491D4;\ntext-align: center;\ntransition: all 0.2s ease-in;\n}\n\n.regular-banner__link:hover {\nbackground-color: #68CBFF;\ncolor: white;\n}\n<\/style>\n<!-- Regular Banner Styles END -->\n\n\n\n<h2 class=\"wp-block-heading\">How to Set it Up&nbsp;<\/h2>\n\n\n\n<p>To leverage this <a href=\"https:\/\/splunkbase.splunk.com\/app\/7474\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">new integration<\/a>, users will need a Splunk SOAR environment and an ANY.RUN account with API access. Preferably, a &#8216;Hunter&#8217; or &#8216;Enterprise&#8217; subscription is recommended for full feature access.\u00a0<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"642\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/imagelast-1024x642.png\" alt=\"\" class=\"wp-image-8825\" style=\"width:712px;height:447px\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/imagelast-1024x642.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/imagelast-300x188.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/imagelast-768x482.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/imagelast-1536x964.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/imagelast-370x232.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/imagelast-270x169.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/imagelast-740x464.png 740w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/imagelast.png 1664w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>Splunk connector details<\/em><\/figcaption><\/figure><\/div>\n\n\n<p>The setup process is straightforward:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Configure a new ANY.RUN asset in Splunk SOAR.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Provide the ANY.RUN base URL (typically https:\/\/api.any.run).<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Enter the API key from your ANY.RUN profile page.<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Set a default timeout for API requests.<\/li>\n<\/ul>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"598\" src=\"\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image1-1024x598.png\" alt=\"\" class=\"wp-image-8826\" style=\"width:720px;height:421px\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image1-1024x598.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image1-300x175.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image1-768x449.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image1-1536x897.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image1-2048x1196.png 2048w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image1-370x216.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image1-270x158.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2024\/09\/image1-740x432.png 740w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>The connector is easy to set up<\/em><\/figcaption><\/figure><\/div>\n\n\n<p>Once configured, the ANY.RUN actions will be available for use in Splunk SOAR playbooks and for manual invocation by analysts.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">About ANY.RUN&nbsp;&nbsp;<\/h2>\n\n\n\n<p>ANY.RUN helps more than 400,000 cybersecurity professionals worldwide. Our <a href=\"https:\/\/any.run\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=splunk_integration&amp;utm_term=120924&amp;utm_content=linktolanding\" target=\"_blank\" rel=\"noreferrer noopener\">interactive sandbox<\/a> simplifies malware analysis of threats that target both Windows and <a href=\"https:\/\/any.run\/cybersecurity-blog\/linux-malware-analysis-cases\/\" target=\"_blank\" rel=\"noreferrer noopener\">Linux<\/a> systems. Our threat intelligence products, <a href=\"https:\/\/any.run\/cybersecurity-blog\/introducing-any-run-threat-intelligence-lookup\/\" target=\"_blank\" rel=\"noreferrer noopener\">TI Lookup<\/a>, <a href=\"https:\/\/any.run\/cybersecurity-blog\/yara-search\/\" target=\"_blank\" rel=\"noreferrer noopener\">Yara Search<\/a> and <a href=\"https:\/\/any.run\/cybersecurity-blog\/ti-feeds-integration\/\" target=\"_blank\" rel=\"noreferrer noopener\">Feeds<\/a>, help you find <a href=\"https:\/\/any.run\/cybersecurity-blog\/indicators-of-compromise\/\" target=\"_blank\" rel=\"noreferrer noopener\">IOCs<\/a> or files to learn more about the threats and respond to incidents faster.&nbsp;&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>With ANY.RUN you can:<\/strong>&nbsp;<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Detect malware in seconds<\/li>\n\n\n\n<li>Interact with samples in real time<\/li>\n\n\n\n<li>Save time and money on sandbox setup and maintenance<\/li>\n\n\n\n<li>Record and study all aspects of malware behavior<\/li>\n\n\n\n<li>Collaborate with your team&nbsp;<\/li>\n\n\n\n<li>Scale as you need<\/li>\n<\/ul>\n\n\n\n<p><a href=\"https:\/\/any.run\/demo\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=splunk_integration&amp;utm_term=120924&amp;utm_content=linktodemo\/\" target=\"_blank\" rel=\"noreferrer noopener\">Request free trial \u2192&nbsp;<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>We have some thrilling news to share with you today. Our team at ANY.RUN is happy to announce the launch of our new integration with Splunk! How this integration benefits you&nbsp; If you\u2019re a Splunk user, you can now leverage ANY.RUN&#8217;s Interactive Sandbox and Threat Intelligence Lookup directly from your Splunk SOAR environment.&nbsp;&nbsp; This means [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":8548,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[81],"tags":[57,54,15,34,40,55,56],"class_list":["post-8545","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-integrations-connectors","tag-anyrun","tag-features","tag-malware","tag-malware-analysis","tag-malware-behavior","tag-release","tag-update"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v20.10 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>ANY.RUN Now Integrates with Splunk! - ANY.RUN&#039;s Cybersecurity Blog<\/title>\n<meta name=\"description\" content=\"Learn about ANY.RUN&#039;s integration with Splunk and see how you can analyze and investigate threats with our services via Splunk&#039;s interface.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/any.run\/cybersecurity-blog\/splunk-integration\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"y.shvetsov\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/splunk-integration\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/splunk-integration\/\"},\"author\":{\"name\":\"y.shvetsov\",\"@id\":\"https:\/\/any.run\/\"},\"headline\":\"ANY.RUN Now Integrates with Splunk!\",\"datePublished\":\"2024-09-12T07:47:09+00:00\",\"dateModified\":\"2025-08-14T11:10:05+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/splunk-integration\/\"},\"wordCount\":772,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/any.run\/\"},\"keywords\":[\"ANYRUN\",\"features\",\"malware\",\"malware analysis\",\"malware behavior\",\"release\",\"update\"],\"articleSection\":[\"Integrations &amp; connectors\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/any.run\/cybersecurity-blog\/splunk-integration\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/splunk-integration\/\",\"url\":\"https:\/\/any.run\/cybersecurity-blog\/splunk-integration\/\",\"name\":\"ANY.RUN Now Integrates with Splunk! - ANY.RUN&#039;s Cybersecurity Blog\",\"isPartOf\":{\"@id\":\"https:\/\/any.run\/\"},\"datePublished\":\"2024-09-12T07:47:09+00:00\",\"dateModified\":\"2025-08-14T11:10:05+00:00\",\"description\":\"Learn about ANY.RUN's integration with Splunk and see how you can analyze and investigate threats with our services via Splunk's interface.\",\"breadcrumb\":{\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/splunk-integration\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/any.run\/cybersecurity-blog\/splunk-integration\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/splunk-integration\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/any.run\/cybersecurity-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Integrations &amp; connectors\",\"item\":\"https:\/\/any.run\/cybersecurity-blog\/category\/integrations-connectors\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"ANY.RUN Now Integrates with Splunk!\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/any.run\/\",\"url\":\"https:\/\/any.run\/\",\"name\":\"ANY.RUN&#039;s Cybersecurity Blog\",\"description\":\"Cybersecurity Blog covers topics for experienced professionals as well as for those new to it.\",\"publisher\":{\"@id\":\"https:\/\/any.run\/\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/any.run\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/any.run\/\",\"name\":\"ANY.RUN\",\"url\":\"https:\/\/any.run\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/any.run\/\",\"url\":\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg\",\"contentUrl\":\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg\",\"width\":1,\"height\":1,\"caption\":\"ANY.RUN\"},\"image\":{\"@id\":\"https:\/\/any.run\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/www.any.run\/\",\"https:\/\/twitter.com\/anyrun_app\",\"https:\/\/www.linkedin.com\/company\/30692044\",\"https:\/\/www.youtube.com\/channel\/UCOgCPho7lzmH7m6fPNlukrQ\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/any.run\/\",\"name\":\"y.shvetsov\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/any.run\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d0d0a5df59078efed19ba1b45c4fb721?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d0d0a5df59078efed19ba1b45c4fb721?s=96&d=mm&r=g\",\"caption\":\"y.shvetsov\"},\"url\":\"https:\/\/any.run\/cybersecurity-blog\/author\/y-shvetsov\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"ANY.RUN Now Integrates with Splunk! - ANY.RUN&#039;s Cybersecurity Blog","description":"Learn about ANY.RUN's integration with Splunk and see how you can analyze and investigate threats with our services via Splunk's interface.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/any.run\/cybersecurity-blog\/splunk-integration\/","twitter_misc":{"Written by":"y.shvetsov","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/any.run\/cybersecurity-blog\/splunk-integration\/#article","isPartOf":{"@id":"https:\/\/any.run\/cybersecurity-blog\/splunk-integration\/"},"author":{"name":"y.shvetsov","@id":"https:\/\/any.run\/"},"headline":"ANY.RUN Now Integrates with Splunk!","datePublished":"2024-09-12T07:47:09+00:00","dateModified":"2025-08-14T11:10:05+00:00","mainEntityOfPage":{"@id":"https:\/\/any.run\/cybersecurity-blog\/splunk-integration\/"},"wordCount":772,"commentCount":0,"publisher":{"@id":"https:\/\/any.run\/"},"keywords":["ANYRUN","features","malware","malware analysis","malware behavior","release","update"],"articleSection":["Integrations &amp; connectors"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/any.run\/cybersecurity-blog\/splunk-integration\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/any.run\/cybersecurity-blog\/splunk-integration\/","url":"https:\/\/any.run\/cybersecurity-blog\/splunk-integration\/","name":"ANY.RUN Now Integrates with Splunk! - ANY.RUN&#039;s Cybersecurity Blog","isPartOf":{"@id":"https:\/\/any.run\/"},"datePublished":"2024-09-12T07:47:09+00:00","dateModified":"2025-08-14T11:10:05+00:00","description":"Learn about ANY.RUN's integration with Splunk and see how you can analyze and investigate threats with our services via Splunk's interface.","breadcrumb":{"@id":"https:\/\/any.run\/cybersecurity-blog\/splunk-integration\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/any.run\/cybersecurity-blog\/splunk-integration\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/any.run\/cybersecurity-blog\/splunk-integration\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/any.run\/cybersecurity-blog\/"},{"@type":"ListItem","position":2,"name":"Integrations &amp; connectors","item":"https:\/\/any.run\/cybersecurity-blog\/category\/integrations-connectors\/"},{"@type":"ListItem","position":3,"name":"ANY.RUN Now Integrates with Splunk!"}]},{"@type":"WebSite","@id":"https:\/\/any.run\/","url":"https:\/\/any.run\/","name":"ANY.RUN&#039;s Cybersecurity Blog","description":"Cybersecurity Blog covers topics for experienced professionals as well as for those new to it.","publisher":{"@id":"https:\/\/any.run\/"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/any.run\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/any.run\/","name":"ANY.RUN","url":"https:\/\/any.run\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/any.run\/","url":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg","contentUrl":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg","width":1,"height":1,"caption":"ANY.RUN"},"image":{"@id":"https:\/\/any.run\/"},"sameAs":["https:\/\/www.facebook.com\/www.any.run\/","https:\/\/twitter.com\/anyrun_app","https:\/\/www.linkedin.com\/company\/30692044","https:\/\/www.youtube.com\/channel\/UCOgCPho7lzmH7m6fPNlukrQ"]},{"@type":"Person","@id":"https:\/\/any.run\/","name":"y.shvetsov","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/any.run\/","url":"https:\/\/secure.gravatar.com\/avatar\/d0d0a5df59078efed19ba1b45c4fb721?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d0d0a5df59078efed19ba1b45c4fb721?s=96&d=mm&r=g","caption":"y.shvetsov"},"url":"https:\/\/any.run\/cybersecurity-blog\/author\/y-shvetsov\/"}]}},"_links":{"self":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts\/8545"}],"collection":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/comments?post=8545"}],"version-history":[{"count":9,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts\/8545\/revisions"}],"predecessor-version":[{"id":12114,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts\/8545\/revisions\/12114"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/media\/8548"}],"wp:attachment":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/media?parent=8545"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/categories?post=8545"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/tags?post=8545"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}