Security Premium Solutions

Category Activity

Deleting Custom List Items In a playbook, I have a decision tree.If option A -> Check List -> If Value Exists in custom list -> Do NothingElse I... by CS_ Path Finder in Splunk SOAR (f.k.a. Phantom) 2 weeks ago 0 2	0	2
Can the Automation Broker be installed on a virtual machine? I was wondering if anyone has experience installing the AB on a virtual machine? Is this possible? What are the chall... by shanto12 New Member in Splunk SOAR (f.k.a. Phantom) 2 weeks ago 0 1	0	1
One or more SHs in a SHC seem to go down frequently- Any suggestions? I have a SHC consisting of 4 SHs (Splunk on-prem on AWS). One or the other SHs seem to go into down state. The only i... by ksahu New Member in Splunk Enterprise Security 2 weeks ago 0 1	0	1
How to migrate data in an indexer cluster to a new indexer cluster environment? Hi peeps, I need some information about migrating data from an instance in a cluster environment to a new cluster env... by syazwani Path Finder in Splunk Enterprise Security 2 weeks ago 0 4	0	4
"Search Settings" Indexer Host change requires Phantom restart? In our environment (Phantom version 4.10.3.x), the HEC (HTTP Event Collector) server name that is used as an "Indexer... by jeffrey_berry Path Finder in Splunk SOAR (f.k.a. Phantom) 2 weeks ago 0 0	0	0
How do you update lookups on a SHC while running Splunk Enterprise Security? Splunk Enterprise Security is deployed to a Search Head Cluster, along with a bunch of applicable TAs. Deployments ar... by Lowell Super Champion in Splunk Enterprise Security 2 weeks ago 4 13	4	13
PCI Compliance- Why is Incident Review blank? Hi All, We are facing a weird issue where we are unable to see any new incidents on PCI compliance >Incidents review.... by bhargavg New Member in Splunk Enterprise Security 2 weeks ago 0 0	0	0
How to Trigger a Splunk SOAR Playbook on a schedule? I want to trigger a Splunk SOAR playbook to iterate through a list of hosts every hour and check if they are online i... by rgrWeidner Engager in Splunk SOAR (f.k.a. Phantom) 2 weeks ago 0 2	0	2
Create Notable Event Error (reading 'value') Hi We are using Splunk ES 7.0 in our SOC environment. After upgrading to ES 7.0 we are getting the following issue du... by muhammadalavi19 Loves-to-Learn in Splunk Enterprise Security 2 weeks ago 0 0	0	0
Validating data of an action inside a decision? I'm interested in suggestions on how to tackle this. I know how I would implement it in Python, but not really sure b... by CS_ Path Finder in Splunk SOAR (f.k.a. Phantom) 2 weeks ago 0 2	0	2