Splunk SOAR (f.k.a. Phantom)
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Phantom: How to generate a report on cases that are created ?

mkrishnan
Engager
‎03-16-2020 03:59 AM

Team,

I am looking for a way to generate a summary report on cases that we have in Phantom ? Which will include case ID, case name, Assignee, Start data, end date , status etc.

I dont find an option to generate such reports in Phantom GUI currently. Please help me if anybody found any solution for this.
I am looking for ways to pull data with the help of Rest API. Please post if anyone has worked on this so far ?

Thank you,
MK

Labels (1)
Labels
Tags (1)
Reply

rplas
SplunkTrust
SplunkTrust
‎03-16-2020 07:34 AM

There currently isn't a great way to generate custom reports from the UI but I think getting data from the API and building your own report generator is the way to go.

Documentation for the REST API can be found here: https://docs.splunk.com/Documentation/Phantom/4.8/PlatformAPI/Using

The Container API documentation can be found here: https://docs.splunk.com/Documentation/Phantom/4.8/PlatformAPI/RESTContainers

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Lantern | Spotlight on Security: Adoption Motions, War Stories, and More

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...

Splunk Cloud | Empowering Splunk Administrators with Admin Config Service (ACS)

Greetings, Splunk Cloud Admins and Splunk enthusiasts! The Admin Configuration Service (ACS) team is excited ...

Tech Talk | One Log to Rule Them All

One log to rule them all: how you can centralize your troubleshooting with Splunk logs We know how important ...