Hi,
we are using Splunk Cloud service and would like to extend it with Phantom.
Does anybody know whether this is possible?
Thanks!
-felix
An on-prem/AWS/Azure/GCP instance of Phantom can be used with Splunk Cloud, however a Support case will need to be created in order for the API communication port (default 8089) to be opened for the integration to have connectivity.
Once the connectivity is enabled, a good way to test it out would be to install & configure the Splunk App for Phantom with the required IP/Hostname, port, and user parameters defined.
Here's a KB link for that app:
https://my.phantom.us/4.5/docs/app_reference/phantom_splunk#test-connectivity
Surely this is coming soon!