Splunk SOAR

Community Activity

Deleting Custom List Items In a playbook, I have a decision tree.If option A -> Check List -> If Value Exists in custom list -> Do NothingElse I... by CS_ Path Finder in Splunk SOAR 06-21-2022 0 2	0	2
Can the Automation Broker be installed on a virtual machine? I was wondering if anyone has experience installing the AB on a virtual machine? Is this possible? What are the chall... by shanto12 New Member in Splunk SOAR 06-21-2022 0 1	0	1
"Search Settings" Indexer Host change requires Phantom restart? In our environment (Phantom version 4.10.3.x), the HEC (HTTP Event Collector) server name that is used as an "Indexer... by jeffrey_berry Path Finder in Splunk SOAR 06-20-2022 0 0	0	0
How to Trigger a Splunk SOAR Playbook on a schedule? I want to trigger a Splunk SOAR playbook to iterate through a list of hosts every hour and check if they are online i... by rgrWeidner Engager in Splunk SOAR 06-18-2022 0 2	0	2
Validating data of an action inside a decision? I'm interested in suggestions on how to tackle this. I know how I would implement it in Python, but not really sure b... by CS_ Path Finder in Splunk SOAR 06-17-2022 0 2	0	2
How to Save an external repository as the default repository? Is there a way to configure an external repository as the default one. I noticed that when I create a new playbook or... by shanto12 New Member in Splunk SOAR 06-10-2022 0 1	0	1
Is there a way to speed up process request to join Splunk phantom community that is under review? Is there a way to speed up this process because I have an assignment due but i can't download the ova of free communi... by kash New Member in Splunk SOAR 06-07-2022 0 0	0	0
How do we check if the sync from primary to standby is complete? I would like to know if there is a way to check when the rsync and postgress sync of data from primary to standby is ... by shanto12 New Member in Splunk SOAR 06-06-2022 0 1	0	1
Splunk SOAR vault file update: How to write custom code to read/write vault files? Hi, I'm trying to load a excel file from phantom vault for updating the data inside. I'm able to fetch file but could... by sirajnp Path Finder in Splunk SOAR 05-31-2022 0 7	0	7
What is the best practice to rotate the /var/log/phantom/app_interface.log file Hi everyone,I have limited disk space on /var/log path, so I try to manage phantom log rotation ( follow this link: C... by Nadear New Member in Splunk SOAR 05-27-2022 0 1	0	1
[Phantom] Filter/Decision block not seeing created artifact I used a custom function that parses out email addresses from an alert, I used the phantom.add_artifact function to a... by crayford Explorer in Splunk SOAR 05-27-2022 1 3	1	3
How to install app from source code? SOAR version 5.1.0.70187 on-prem installation. Can you please advise, how I can install a Python 2 app from the sourc... by shanto12 New Member in Splunk SOAR 05-25-2022 0 2	0	2
How do I get a phantom user object from the API? What's the api command to get the current logged-in user without specifying the user id. I want to type phantom.get_u... by nhammSplunk Explorer in Splunk SOAR 05-19-2022 0 6	0	6
Splunk Soar Community Edition pending approval Hello Splunk Team, I registered on the Splunk Soar community edition page two days ago, but still received no emails ... by alaforgia New Member in Splunk SOAR 05-17-2022 0 0	0	0
How to create Playbook trigger based on different labels? Hi all, I am using Splunk SOAR Community Edition and have a general question on how to correctly trigger a playbook. ... by saiiman Engager in Splunk SOAR 05-05-2022 0 2	0	2
My phantom.us approval Hello, I have signed up for my phantom us in order to get the ova and start testing. Unfortunately my account didn't... by rootxxvv1f New Member in Splunk SOAR 04-28-2022 0 0	0	0
Help understanding Splunk SOAR connectivity to indexers I would like to understand how Splunk SOAR sends data to the indexer endpoints that are configured under Administrati... by kprior201_lilly Path Finder in Splunk SOAR 04-01-2022 0 0	0	0
When Output array of dictionaries from code block, receiving this error When an array of dictionaries is assigned to the output variable of a code block, only the whole array can be used as... by Benni Loves-to-Learn in Splunk SOAR 03-21-2022 0 0	0	0
Action Run Splunk Query Issues I'm running into an issue where I have multiple artifacts that are being submitted as a Splunk query. Below is my cur... by wilcompl1334 Explorer in Splunk SOAR 03-16-2022 0 4	0	4
Splunk SOAR : Account lockout after multiple login attempts Hi All,Is there any account lockout policy after multiple failed attempts in Splunk SOAR (on premise),i.e: The user's... by danish121 Engager in Splunk SOAR 03-16-2022 1 0	1	0
Why are we experiencing this Error "authentication failure on Phantom 4.10"? We are using Prompt with extended time to 4 days. We have discovered that when the time of running playbook is over t... by mrzn New Member in Splunk SOAR 03-14-2022 0 2	0	2
How to investigate and contain ransomware with Splunk enterprise? HiDoes anyone have examples of how to use Splunk enterprise to investigate and contain ransomware?I would like to det... by Pablo00 Explorer in Splunk SOAR 03-13-2022 0 1	0	1
Is it possible to use Cyberark to rotate the Splunk SOAR admin account password? Hi all, Does anyone know if it's possible to use Cyberark to rotate the Splunk SOAR admin account password? If it is,... by mark_wymer Path Finder in Splunk SOAR 03-10-2022 0 2	0	2
How to get app action result in a playbook? Hi all,I have a stream of events which come in to SOAR.When the event is loaded in SOAR, a playbook runs against it a... by CS_ Path Finder in Splunk SOAR 03-09-2022 0 5	0	5
How to customize the Phantom dashboard time filters dropdown box? How to customize the Phantom dashboard time filters dropdown box (see screenshot below)?For a Phantom instance, we ha... by jeffrey_berry Path Finder in Splunk SOAR 03-02-2022 0 3	0	3