I have not been able to see any of the logs in splunk that we are supposed to. We added the Phantom remote search app to splunk and have it configured, but i am not able to see a connection problem on either side. Wondering if some smart person out there could share a lesson learned.
To be clear - the Phantom Remote Search App is for the case when you want to use an external Splunk instance to back Phantom, and not the built-in Splunk that comes with the Phantom product. Can you confirm this is your intention?
If so - please provide more details about the steps and configuration you've taken so far.