Splunk SOAR

Community Activity

How do I try an action several times? I have an action that I need a response from before the playbook can proceed, but the app is prone to occasionally ti... by ben_r Engager in Splunk SOAR 10-13-2022 0 2	0	2
Is there a way to automatically trigger SOAR playbook from S3 file added event? Hello, Is there a way to have a playbook automatically trigger when a file is added to an S3 bucket in our AWS accoun... by akitatake New Member in Splunk SOAR 10-06-2022 0 0	0	0
How do you achieve "for" loops? Hi,We've been trying to use "for loop" logic within playbook app actions. Although, there seems to be no way to achie... by rivaanb Engager in Splunk SOAR 10-04-2022 0 1	0	1
SOAR Cloud - Bulk Delete Containers through API? Hey all,I'm trying to find a way to bulk delete containers via the API in SOAR Cloud.Had an issue where Splunk create... by CS_ Path Finder in Splunk SOAR 09-28-2022 0 2	0	2
How to delete malicious email in all the company users' mailboxes? Hi all, is there a way to integrate with O365 and, given a malicious email (identified by subject and sender), search... by drew19 Path Finder in Splunk SOAR 09-28-2022 0 3	0	3
Has anyone done a playbook for crowdstrike serves stopped? Has anyone done a playbook for crowdstrike serves stopped? Basically querying splunk for host name, etc? If so can y... by brandylee1993 Explorer in Splunk SOAR 09-27-2022 0 0	0	0
Can I convert Splunk SOAR playbook type input to automation? Can I convert a playbook-type input to automation in Splunk SOAR (5.3.4)Thanks for helping. by peterng_ Engager in Splunk SOAR 09-27-2022 0 1	0	1
Splunk Phantom Account Review- Can I talk to support to see why it's taking so long? Hello, I'm trying to sign up for Splunk Phantom Community to download an OVA file for a college project but the revie... by ValFreeman Loves-to-Learn in Splunk SOAR 09-26-2022 0 0	0	0
Why am I getting this Error on automation - label? Hi, I'm using the community edition of the SOAR, in that I created one label after creating that, I created a playb... by Sasti Engager in Splunk SOAR 09-21-2022 0 0	0	0
Call API to get results from prompt? In a custom code block given the following psuedo code: def promptIpToBlock(action=None, success=None, container=None... by nhammSplunk Explorer in Splunk SOAR 09-19-2022 0 4	0	4
Is there a way to automate tag creation on splunk phantom? Is there a way to create/update/delete tags any other way than through "Administration Settings/Tags"? I was looking ... by GeorgeOrwell Explorer in Splunk SOAR 09-12-2022 0 0	0	0
How to remap objects from an user ID to another after SAML integration? Hi folks,We've been using Phantom for a while now and currently implementing SAML integration. The concerning part is... by victor_menezes Communicator in Splunk SOAR 09-09-2022 0 0	0	0
ES -> Adaptive Response -> Phantom Playbook -> event_id? I need my Phantom playbook to be able to close a Splunk ES notable event when it's completed, this requires the event... by GOB_Bluth Explorer in Splunk SOAR 09-09-2022 0 11	0	11
How to decrypt the password from the asset, while developing a custom app? Hi everyone, I'm looking for a solution here while playing around with the app builder on SOAR, and I could get the a... by victor_menezes Communicator in Splunk SOAR 09-01-2022 2 4	2	4
Replacement Characters appearing in emails sent from Splunk SMTP APP My team uses playbooks to automate email alerts in Phantom. Some playbooks have been randomly sending emails with the... by TheGovernor21 Engager in Splunk SOAR 08-31-2022 0 1	0	1
How to handle Dynamic Assets in playbooks? Just came across an interesting use case, and I'm wondering how people solve it. Phantom talks to an internal asset v... by Dave_Burns Path Finder in Splunk SOAR 08-29-2022 0 0	0	0
Issues with network shares and WRM SOAR app I'm trying to create a playbook that uses the Windows Remote Management app to take a file saved locally on a server ... by knot9 Engager in Splunk SOAR 08-26-2022 0 0	0	0
What do I do if my phantom community access expired? I got the 'Phantom Community Edition - Access Granted' mail. But regi link was expired. I can't access. https://my.ph... by mhseo New Member in Splunk SOAR 08-25-2022 0 1	0	1
Why has Phantom stop forward logs to the Splunk Enterprise? I use "the Splunk Phantom Remote Search app" to connect the Phantom to the Splunk Enterprise, it works fine until aft... by nareerat_pr Explorer in Splunk SOAR 08-25-2022 0 1	0	1
Splunk Phantom- How to monitor health of playbook? Hi fellas, How can we fetch details of a playbook like action_run_id, playbook_run_id and status. We need to monitor ... by Manojsai_3 New Member in Splunk SOAR 08-25-2022 0 1	0	1
Is there a way to create a daily report for the amount of times when a particular playbook is ran? Is there a way to create a daily report for the amount of times when a particular playbook is ran? by zgoggins New Member in Splunk SOAR 08-22-2022 0 1	0	1
Why do Phantom playbooks stop processing after 5.0.1v upgrade to 5.1.0? Hi team, Need help if anyone faced issues on phantom playbooks not processing events after upgrade from 5.0.1v to 5... by sharada Loves-to-Learn Everything in Splunk SOAR 08-11-2022 0 1	0	1
Has anyone had issues with Phantom upgrade from 4.10.7 to 5.0.1 version? Hello All, We are planning to upgrade phantom platform from 4.10.7 to 5.0.1 version. Can you please let us know the k... by sharada Loves-to-Learn Everything in Splunk SOAR 08-11-2022 0 1	0	1
Is there a way to catch errors coming from custom function block? Currently when I want to catch errors coming from arbitrary action block I rely on phantom.get_summary() looking at a... by GeorgeOrwell Explorer in Splunk SOAR 08-03-2022 0 1	0	1
Does a Lock for Playbooks function exist? Hello. I have a playbook that must be the only running instance of that playbook. I can't seem to find any "lock" f... by stauff Explorer in Splunk SOAR 07-27-2022 0 8	0	8