Splunk SOAR (f.k.a. Phantom)

How to login to Phantom software after installing phantom?

hiahiahia
Explorer

I've just installed Phantom software according to link text. My operating system is Centos 7.

But I don't know what's the next step to login to Phantom UI. Anyone installing phantom by rpm?

I try to set port=127.0.0.1:9001 in "phantom/etc/supervisord.conf" and execute "./phantom/bin/start_phantom.sh".It shows "Phantom startup successful".But I can't access the supervisord through browser.

So what should I do after installing phantom on Centos 7 to login to Phantom UI?

Labels (3)
Tags (1)
0 Karma
1 Solution

rgresham_splunk
Splunk Employee
Splunk Employee

I hope you backed up your configuration prior to changing the .conf file. To login please review the Phantom documentation here: https://my.phantom.us/4.1/docs/admin/login

Browse to the IP address you configured for your virtual appliance, or the DNS name if you have created one for the IP address you set. The WebUI uses HTTPS, but if you do not specify HTTPS, the server will answer on port 80 (HTTP) and immediately redirect your browser to HTTPS at the same name or address. You will be presented with a username and password login screen. The default administrative user is admin with a password of password.  

You will need to read some of the documentation to fully understand how to administer and configure the platform. I highly recommend that you join the phantom-community.slack.com Slack channel.

View solution in original post

0 Karma

rgresham_splunk
Splunk Employee
Splunk Employee

I hope you backed up your configuration prior to changing the .conf file. To login please review the Phantom documentation here: https://my.phantom.us/4.1/docs/admin/login

Browse to the IP address you configured for your virtual appliance, or the DNS name if you have created one for the IP address you set. The WebUI uses HTTPS, but if you do not specify HTTPS, the server will answer on port 80 (HTTP) and immediately redirect your browser to HTTPS at the same name or address. You will be presented with a username and password login screen. The default administrative user is admin with a password of password.  

You will need to read some of the documentation to fully understand how to administer and configure the platform. I highly recommend that you join the phantom-community.slack.com Slack channel.

0 Karma

ApTR4t
New Member

I utilized the documentation provided here but it doesn't accept the username and password list as default. Has this changed?

0 Karma

hiahiahia
Explorer

Thanks for your help.I understand it now. After executing "./phantom/bin/start_phantom.sh" and inputing "https://my IP",Phantom UI will come up.

By the way, I can't downlaod phantom OVA file from "https://my.phantom.us/downloads/" because download progress always remains 0%. I wonder that whether this case is caused by my network or not.

rgresham_splunk
Splunk Employee
Splunk Employee

Sorry to hear that you can't download it. I know that it does work, could you look to make sure that your proxy or network isn't blocking it?

0 Karma

hiahiahia
Explorer

All right.I can't do nothing to network,The good news is that I can install it by rpm on Centos.

0 Karma
Get Updates on the Splunk Community!

.conf24 | Day 0

Hello Splunk Community! My name is Chris, and I'm based in Canberra, Australia's capital, and I travelled for ...

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

(view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...