Splunk SOAR

Community Activity

SOAR: Is it possible to retrieve the (splunk soar) instance details inside a playbook? Hi All, is it possible to retrieve the (splunk soar) instance details inside a playbook? For instance when sending an... by goncalocoelho Path Finder in Splunk SOAR 06-29-2022 0 2	0	2
Scanning endpoint SOAR Tenable.sc: How to get a credential scan? When scanning an endpoint in SOAR how to you get a credential scan? I can start a scan via SOAR playbook but its not ... by wisconsin New Member in Splunk SOAR 06-29-2022 0 1	0	1
Splunk Phantom Error Reporting- How to monitor the execution of a Phantom Playbook Hello, I am trying to find a native solution in order to monitor the execution of a Phantom Playbook. In case one of ... by ss008i Engager in Splunk SOAR 06-29-2022 0 2	0	2
Phantom App for Splunk not respecting Global field mappings i have Multiple event forwardings enabled on my Phantom App for Splunk that use saved searches to trigger notable eve... by soumyasaha25 Contributor in Splunk SOAR 06-27-2022 0 3	0	3
How to import Azure Sentinal SIEM data to Splunk SOAR? Hi Community, Could any of you please let me know if there is any way or pre written app to connect Azure Sentinal wi... by saurabhpati New Member in Splunk SOAR 06-21-2022 0 0	0	0
Deleting Custom List Items In a playbook, I have a decision tree.If option A -> Check List -> If Value Exists in custom list -> Do NothingElse I... by CS_ Path Finder in Splunk SOAR 06-21-2022 0 2	0	2
Can the Automation Broker be installed on a virtual machine? I was wondering if anyone has experience installing the AB on a virtual machine? Is this possible? What are the chall... by shanto12 New Member in Splunk SOAR 06-21-2022 0 1	0	1
"Search Settings" Indexer Host change requires Phantom restart? In our environment (Phantom version 4.10.3.x), the HEC (HTTP Event Collector) server name that is used as an "Indexer... by jeffrey_berry Path Finder in Splunk SOAR 06-20-2022 0 0	0	0
How to Trigger a Splunk SOAR Playbook on a schedule? I want to trigger a Splunk SOAR playbook to iterate through a list of hosts every hour and check if they are online i... by rgrWeidner Engager in Splunk SOAR 06-18-2022 0 2	0	2
Validating data of an action inside a decision? I'm interested in suggestions on how to tackle this. I know how I would implement it in Python, but not really sure b... by CS_ Path Finder in Splunk SOAR 06-17-2022 0 2	0	2
How to Save an external repository as the default repository? Is there a way to configure an external repository as the default one. I noticed that when I create a new playbook or... by shanto12 New Member in Splunk SOAR 06-10-2022 0 1	0	1
Is there a way to speed up process request to join Splunk phantom community that is under review? Is there a way to speed up this process because I have an assignment due but i can't download the ova of free communi... by kash New Member in Splunk SOAR 06-07-2022 0 0	0	0
How do we check if the sync from primary to standby is complete? I would like to know if there is a way to check when the rsync and postgress sync of data from primary to standby is ... by shanto12 New Member in Splunk SOAR 06-06-2022 0 1	0	1
Splunk SOAR vault file update: How to write custom code to read/write vault files? Hi, I'm trying to load a excel file from phantom vault for updating the data inside. I'm able to fetch file but could... by sirajnp Path Finder in Splunk SOAR 05-31-2022 0 7	0	7
What is the best practice to rotate the /var/log/phantom/app_interface.log file Hi everyone,I have limited disk space on /var/log path, so I try to manage phantom log rotation ( follow this link: C... by Nadear New Member in Splunk SOAR 05-27-2022 0 1	0	1
[Phantom] Filter/Decision block not seeing created artifact I used a custom function that parses out email addresses from an alert, I used the phantom.add_artifact function to a... by crayford Explorer in Splunk SOAR 05-27-2022 1 3	1	3
How to install app from source code? SOAR version 5.1.0.70187 on-prem installation. Can you please advise, how I can install a Python 2 app from the sourc... by shanto12 New Member in Splunk SOAR 05-25-2022 0 2	0	2
How do I get a phantom user object from the API? What's the api command to get the current logged-in user without specifying the user id. I want to type phantom.get_u... by nhammSplunk Explorer in Splunk SOAR 05-19-2022 0 6	0	6
Splunk Soar Community Edition pending approval Hello Splunk Team, I registered on the Splunk Soar community edition page two days ago, but still received no emails ... by alaforgia New Member in Splunk SOAR 05-17-2022 0 0	0	0
How to create Playbook trigger based on different labels? Hi all, I am using Splunk SOAR Community Edition and have a general question on how to correctly trigger a playbook. ... by saiiman Engager in Splunk SOAR 05-05-2022 0 2	0	2
My phantom.us approval Hello, I have signed up for my phantom us in order to get the ova and start testing. Unfortunately my account didn't... by rootxxvv1f New Member in Splunk SOAR 04-28-2022 0 0	0	0
Help understanding Splunk SOAR connectivity to indexers I would like to understand how Splunk SOAR sends data to the indexer endpoints that are configured under Administrati... by kprior201_lilly Path Finder in Splunk SOAR 04-01-2022 0 0	0	0
When Output array of dictionaries from code block, receiving this error When an array of dictionaries is assigned to the output variable of a code block, only the whole array can be used as... by Benni Loves-to-Learn in Splunk SOAR 03-21-2022 0 0	0	0
Action Run Splunk Query Issues I'm running into an issue where I have multiple artifacts that are being submitted as a Splunk query. Below is my cur... by wilcompl1334 Explorer in Splunk SOAR 03-16-2022 0 4	0	4
Splunk SOAR : Account lockout after multiple login attempts Hi All,Is there any account lockout policy after multiple failed attempts in Splunk SOAR (on premise),i.e: The user's... by danish121 Engager in Splunk SOAR 03-16-2022 1 0	1	0