Publisher Node

Chronicle SOAR Publisher is a web server based on Django Framework which acts as a broker between the Chronicle SOAR server and the remote executors. It also stores python dependencies which are required for running actions for all remote actions and integrations. Chronicle SOAR Publisher is deployed on a CentOS 7.5 and above machine and served using Gunicron and Nginx.

The Publisher comes with built in self signed certificates. If you would like to use your own certificates, see Nginx Documentation

Chronicle SOAR Publisher has an admin panel for managing API keys, dependencies and log activities.
Admin panel URL is: https://[publisher-address]/admin

Only a Publisher user can log in to the admin panel:

In the admin panel you can find the following resources:

Tokens: For managing agents access tokens. Note that this is the only item on the screen that you will need.
Agents: Review registered agents and their data
Connector packages: Review connectors output packages (Data is encrypted). The packages are removed every time Chronicle SOAR pulls them
Dependencies: For managing all existing python dependencies
Log records: All agent execution history records
Tasks: The new and ongoing tasks exist in the server (Data is encrypted). Once a task is finished, its removed from the tasks section and only the log record remains.

Welcome to

Chronicle SOAR Product Documentation

Publisher Node

Remote Agents Deployment (On-Prem only)

Welcome to

Chronicle SOAR Product Documentation

Publisher Node

Remote Agents Deployment (On-Prem only)

Suggested articles