SOAR (Phantom) Installation in existing server wit...

Santhosh · ‎11-22-2021

Hi Everyone,

I spinned up a new machine(VM) in Azure and trying to install the phantom (SOAR) using RPM file.

So I have partitioned & mounted 700 GB to /Opt and 5 GB to /tmp directory.

While installing the package, I am getting below error. Unable to find the answers for this.

Can someone help on this?

Failed to run install for git

Error: Package: git-2.16.1-1.el7.x86_64 (phantom-base)
Requires: perl(SVN::Ra)
Error: Package: git-2.16.1-1.el7.x86_64 (phantom-base)
Requires: perl(SVN::Delta)
Error: Package: git-2.16.1-1.el7.x86_64 (phantom-base)
Requires: perl(SVN::Core)

Thanks,

Santhosh Govindhan

tgendron_splunk · ‎05-14-2022

See KB 65 at (https://my.phantom.us/kb/65/) There is a specific statement about additional modules “Note for AWS Users:
RPM's will look different. For AWS Red Hat images, the repo name for the packages in RedHat's rhel-7-server-optional-rpms will appear as: rhui-REGION-rhel-server-optional
These can be enabled in the /etc/yum.repos.d/redhat-rhui.repo file. “

Go into the repo file and set enable to 1 and retry the phantom install.

SOAR (Phantom) Installation in existing server with RPM

Buttercup Games: Further Dashboarding Techniques (Part 6)

Technical Workshop Series: Splunk Data Management and SPL2 | Register here!

Splunk Observability Synthetic Monitoring - Resolved Incident on Detector Alerts