SOAR (Phantom) Installation in existing server wit...

Santhosh · ‎11-22-2021

Hi Everyone,

I spinned up a new machine(VM) in Azure and trying to install the phantom (SOAR) using RPM file.

So I have partitioned & mounted 700 GB to /Opt and 5 GB to /tmp directory.

While installing the package, I am getting below error. Unable to find the answers for this.

Can someone help on this?

Failed to run install for git

Error: Package: git-2.16.1-1.el7.x86_64 (phantom-base)
Requires: perl(SVN::Ra)
Error: Package: git-2.16.1-1.el7.x86_64 (phantom-base)
Requires: perl(SVN::Delta)
Error: Package: git-2.16.1-1.el7.x86_64 (phantom-base)
Requires: perl(SVN::Core)

Thanks,

Santhosh Govindhan

tgendron_splunk · ‎05-14-2022

See KB 65 at (https://my.phantom.us/kb/65/) There is a specific statement about additional modules “Note for AWS Users:
RPM's will look different. For AWS Red Hat images, the repo name for the packages in RedHat's rhel-7-server-optional-rpms will appear as: rhui-REGION-rhel-server-optional
These can be enabled in the /etc/yum.repos.d/redhat-rhui.repo file. “

Go into the repo file and set enable to 1 and retry the phantom install.

SOAR (Phantom) Installation in existing server with RPM

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

[Puzzles] Solve, Learn, Repeat: Tiling

SOK it to Me: Top 3 Benefits of Using Splunk Operator on Kubernetes that’ll Make ...

Upgrade Prep for 10.4, Network Observability Deep Dives, and More from Splunk Lantern

Join the Conversation