Skip to main content
Panther Knowledge Base

Enabling GreyNoise integration for use with Panther Analysis Tool

  1. Last updated
  2. Save as PDF

QUESTION

As mentioned in Panther's documentation, if you use the Panther Analysis Tool for managing detections, you should not enable the GreyNoise pack in the Panther Console. What is the process to enable and start taking advantage of the GreyNoise pack while keeping the existing CI/CD workflows?

ANSWER

As a CI/CD user, you can pull the latest version of panther-analysis to access the GreyNoise Lookup Tables. Then, set Enabled: true in the YML files of the lookup tables you want to use. 

If you make any changes to the lookup tables, do not enable the packs via the Panther Console. Simultaneous use of both the Panther Console and PAT to manage this pack is not supported.

If you keep your own repo, you can copy the files for the Lookup Tables from Panther's GitHub repo here.
 

 

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Page type
    Topic
  2. Tags
    This page has no tags.