Actions and workflows used in my StackStorm BSides Ljubljana 2015 presentation.
Used packs:
- core
- st2
- linux
- libcloud
- rackspace
- mailgun
This workflow retrieves forensic information from a provided server.
This workflow puts server in a "lockdown" mode.
This workflow notifies administrators about a potential breach.