Splunk SOAR

Community Activity

Phantom Architecture Concern Hi All,Good Day!!This is an Splunk Phantom Architecture question, which we are in the intial stage of building the Sp... by YeswanthReddy Engager in Splunk SOAR 06-30-2021 0 3	0	3
Playbook multiple run on the same event I am noticing for some of our events our playbooks run multiple times on the same event. How can I go about keeping t... by crayford Explorer in Splunk SOAR 06-29-2021 0 2	0	2
change the status of incident on Splunk Phantom Hi,I would like to know if we change the status of incident on Splunk Phantom, can we automatically notify user? by eye893 New Member in Splunk SOAR 06-28-2021 0 1	0	1
Phantom playbook I am able to run an action (whois ip from whois app) successfuly. However, if i put this action as part of a playboo... by brunofernandez Explorer in Splunk SOAR 06-14-2021 0 5	0	5
Usage of the phantom action -> phantom app -> find artifacts action Hi team, I'm using Phantom to create playbooks and I would like to know how the find artifact is used when I create a... by MimiThePrince New Member in Splunk SOAR 06-11-2021 0 1	0	1
Phantom warm standby script username/password authentication - Would you consider it a best practice to type a password into a prompt from a 3rd party script?- What if the 3rd pa... by bearcat Engager in Splunk SOAR 06-07-2021 1 0	1	0
Phantom Runner number of suggestions Our Phantom's DECIDED process often crashes for performance reasons.We suspect this is caused by the low number of ru... by PwC-Kimmy Explorer in Splunk SOAR 05-19-2021 0 1	0	1
Callback actions on container's status change Hi,I would like to know if there is the possibility to automatically trigger a playbook when there is a change in the... by drew19 Path Finder in Splunk SOAR 05-10-2021 0 5	0	5
How can I encrypt the keystore partition of my Splunk Phantom deployment? Introduction Splunk Phantom ingests objects from connected assets, such as your firewall, services like VirusTotal, M... by mconverse_splun Splunk Employee in Splunk SOAR 05-06-2021 0 0	0	0
Active Directory/LDAP connection and authentication debug script This article applies to Splunk Phantom versions 4.6 , 4.5 , 4.2 , 4.1 , 4.0 , 3.5 , 3.0 , 2.1 , 2.0 The Active Direct... by kevinh_splunk Splunk Employee in Splunk SOAR 04-23-2021 0 0	0	0
Playbook run results in the "user parameter must be of type string" error This article describes a workaround when you run a playbook and see the "user parameter must be of type string" error... by kevinh_splunk Splunk Employee in Splunk SOAR 04-23-2021 0 0	0	0
Avoid port conflicts when installing Splunk Phantom on a system with an existing Splunk universal forwarder NOTE: These steps were verified using Phantom version 4.2.7532 and Splunk Universal Forwarder version 7.2.6.Network p... by kevinh_splunk Splunk Employee in Splunk SOAR 04-23-2021 0 0	0	0
Keeping accurate time on your Splunk Phantom virtual machine In some cases, the Splunk Phantom virtual appliance can lose its time synchronization with the system time. For examp... by kevinh_splunk Splunk Employee in Splunk SOAR 04-22-2021 0 0	0	0
How to I use the REST API to create multiple assets in Splunk Phantom? This article provides an example of how to use the Splunk Phantom REST API to create multiple assets. This may be use... by kevinh_splunk Splunk Employee in Splunk SOAR 04-22-2021 0 0	0	0
phantom request Hello,I had just signed up for phantom - community edition and was wondering how long the request takes to be approve... by mratnan New Member in Splunk SOAR 04-21-2021 0 0	0	0
Install the latest Cisco ISE app in Splunk Phantom Team, Good day!I will need to install Cisco ISE in Splunk Phantom. I have the new instance of Splunk Phantom installe... by geinermiranda New Member in Splunk SOAR 04-21-2021 0 2	0	2
Phantom can't receive the events from splunk I installed the Phantom App for Splunk & CIM app.And connectivity testing between Splunk and Phantom is passed.I crea... by PwC-Kimmy Explorer in Splunk SOAR 04-14-2021 0 0	0	0
minimum requirements and partition configurations for phantom Hi, Anyone know the partitioning table needed for a clustered phantom installation. by edgarsilva01 Path Finder in Splunk SOAR 04-13-2021 0 0	0	0
Splunk community into Hyper-v Hi,Has anyone tried to mount the community ova on a Hyper-V?I have tried various methods of converting OVA (VMDK) to ... by makitos New Member in Splunk SOAR 04-12-2021 0 0	0	0
Cofense Triage Add-On account credentials In the cofense addon https://splunkbase.splunk.com/app/5253/this confused me for a while on what the credentials wher... by jonxilinx Path Finder in Splunk SOAR 04-07-2021 1 1	1	1
Phantom Time Change How do you update the time in phantom for daylight savings time? We are using NTP on the server and the server time i... by dustymiller New Member in Splunk SOAR 04-07-2021 0 1	0	1
Add a User to an AD group using Phantom Would it be easier to use a custom phantom playbook to Add a user to a specific AD group from an event trigger, inste... by splunk_user4 Explorer in Splunk SOAR 04-07-2021 0 1	0	1
How to enrich the endpoint tickets for MacOS Jamf Host Lookup? How can I enrich the endpoint tickets, where the ticket is for a MacOS host, lookup the host in Jamf and return the f... by brandylee1993 Explorer in Splunk SOAR 04-02-2021 1 2	1	2
How to pass data from one playbook to its subplaybook How can we pass data from one playbook to its sub playbook? by ansusabu Communicator in Splunk SOAR 03-31-2021 0 9	0	9
Retrieving phantom playbooks via CLI I'm currently having trouble accessing Phantom via web gui, it's giving 500 error.I just need to retrieve the custom ... by taeshin New Member in Splunk SOAR 03-24-2021 0 1	0	1