Security Premium Solutions

Security Premium Solutions
Category Activity
konka4
Hey everyone,   I'm at a loss for what this is, I always get stuck at install step 27 and then it throws these errors...
by konka4 Splunk Employee Splunk Employee in Splunk SOAR (f.k.a. Phantom) Wednesday
0 2
0
2
dsofoulis
I would like to have an investigation created with a notable event recorded in there using the API.I've been trying t...
by dsofoulis Path Finder in Splunk Enterprise Security Tuesday
0 3
0
3
LionWolf
Hello,   This is my first time seeking help in a forum, I apologize if my ask is confusing.   I'm looking to pull the...
by LionWolf Explorer in Splunk Enterprise Security Monday
0 4
0
4
DeepthiNavuru
Hello,Good day!MS Graph API duplicate email ingestion into Splunk SOAR:  We have Splunk SOAR v 6.1.1, and the Graph A...
by DeepthiNavuru New Member in Splunk SOAR (f.k.a. Phantom) 2 weeks ago
0 0
0
0
splunky_diamond
Hello, Splunkers!I hope there are some SOC analysts around who are using Splunk Enterprise and Splunk ES in their wor...
by splunky_diamond Explorer in Splunk Enterprise Security 2 weeks ago
0 3
0
3
treven
Is there a way to give a user read-only access to only a specific dashboard on Splunk ES such as the Executive Summar...
by treven Explorer in Splunk Enterprise Security 2 weeks ago
0 3
0
3
santorof
So within the Enterprise Security App, there is the built-in threat activity dashboard. One of panels shows your sour...
by santorof Communicator in Splunk Enterprise Security 3 weeks ago
2 5
2
5
splunky_diamond
Hello Splunk community! I have started my journey with splunk one month ago and I am currently learning Splunk Enterp...
by splunky_diamond Explorer in Splunk Enterprise Security 3 weeks ago
0 3
0
3
harishlnu
Hi Team,Could you please help me on running query in Splunk,The query starts with | ldapsearch.run query only have co...
by harishlnu Engager in Splunk SOAR (f.k.a. Phantom) 4 weeks ago
0 2
0
2
dennyw
hey guys, with data retention being set, is there a way to whitelist a specific container to prevent it from being de...
by dennyw Engager in Splunk SOAR (f.k.a. Phantom) 4 weeks ago
0 1
0
1
pkeller
In the Incident Review panel, we select a Notable Event, click on Edit Selected and a form pops up. I chose the first...
by pkeller Contributor in Splunk Enterprise Security 4 weeks ago
0 3
0
3
harishlnu
Hi Team,Could you please help me on below requirement, how to make manual task approval without  approver login to th...
by harishlnu Engager in Splunk SOAR (f.k.a. Phantom) 4 weeks ago
0 1
0
1
harishlnu
Hi team, Could you please help me on how to get health alert notification in phantom.Thanks in advance. Regards,Haris...
by harishlnu Engager in Splunk SOAR (f.k.a. Phantom) a month ago
0 1
0
1
SOARt_of_Lost
Due to some oddities of our environment, my team needs default fields in order to run some playbooks automatically. W...
by SOARt_of_Lost Path Finder in Splunk SOAR (f.k.a. Phantom) 04-18-2024
1 2
1
2
BGrdickson
Hi guys, I have configured my servicenow integration with splunk and it works fine, we can create notables from any...
by BGrdickson Explorer in Splunk Enterprise Security 04-17-2024
1 8
1
8
harishlnu
Hi Team,I am having requirement where i need to send an email for approval, if they reply to that email i need to rea...
by harishlnu Engager in Splunk SOAR (f.k.a. Phantom) 04-17-2024
0 1
0
1
meshorer
Hello, 1. Is there an option (built in or manually built) for a container to view history of the older containers wit...
by meshorer Path Finder in Splunk SOAR (f.k.a. Phantom) 04-16-2024
0 1
0
1
oz_dg
Hi everyone,Am having issues with the configuration of the AlienVault OTX feed in Splunk ES and would appreciate any ...
by oz_dg Explorer in Splunk Enterprise Security 04-13-2024
2 5
2
5
stevenbo
Where is the web server actually installed to and ran from for SOAR in a RHEL environment? Unlike Splunk Web UI where...
by stevenbo Explorer in Splunk SOAR (f.k.a. Phantom) 04-11-2024
0 4
0
4
sidoyle_
When writing plain text in the Next Steps field of a notable event such as Mitre ATT&CK it is then shown, when the no...
by sidoyle_ Explorer in Splunk Enterprise Security 04-10-2024
0 1
0
1
splunkreal
Hello,does editing ES roles on Permissions page is same as editing ES roles in Splunk's native edit role page?I guess...
by splunkreal Motivator in Splunk Enterprise Security 04-10-2024
0 3
0
3
meshorer
hello all, I noticed that timestamp in activity log is in UTC, and also while using timer app and in the event name a...
by meshorer Path Finder in Splunk SOAR (f.k.a. Phantom) 04-09-2024
0 1
0
1
shubi
App  started successfully (id: 1712665900147) on asset:Loaded action execution configurationexecuting action: test_as...
by shubi New Member in Splunk Enterprise Security 04-09-2024
0 1
0
1
ronan_duffy
Hi all, Since the redesign of the new Incident Review page, we appear to have lost the ability to search for Notables...
by ronan_duffy New Member in Splunk Enterprise Security 04-09-2024
0 1
0
1
mrkrabhishek
Do we have any content to detect "Moniker Link" - CVE-2024-21413
by mrkrabhishek New Member in Splunk Enterprise Security 04-07-2024
0 1
0
1
Splunk Learning

Splunk has training and education options for everyone, whether it's your first or fiftieth deployment.

Get Started

Announcements
Register for Upcoming Live Tech Talks! Security and Observability Editions are held every month.

Where are you on your adoption journey? Take the quick Security or Observability Resilience Check quiz to find out!
Get Updates on the Splunk Community!

Introducing the Splunk Community Dashboard Challenge!

Welcome to Splunk Community Dashboard Challenge! This is your chance to showcase your skills in creating ...

Get the T-shirt to Prove You Survived Splunk University Bootcamp

As if Splunk University, in Las Vegas, in-person, with three days of bootcamps and labs weren’t enough, now ...

Wondering How to Build Resiliency in the Cloud?

IT leaders are choosing Splunk Cloud as an ideal cloud transformation platform to drive business resilience,  ...
Top Karma Authors