Splunk SOAR

Community Activity

Phantom - McAfee ATD I am trying to integrate McAfee ATD app in Phantom. I get the following error when I try to test the connectivity. Fi... by RupeshManohar New Member in Splunk SOAR 09-06-2021 0 0	0	0
Splunk Phantom Community Edition Registration approval pending Hello! I have a training with Splunk Phantom starting tomorrow morning and my approval is still pending. I need the O... by ga1nz New Member in Splunk SOAR 08-30-2021 0 1	0	1
Phantom - Testing Connectivity no response Hi All, I run the 'Testing Connectivity' on all Phantom apps and the response is as follows, showing no information (... by PwC-Kimmy Explorer in Splunk SOAR 08-23-2021 0 4	0	4
Splunk Phantom - Get Email Gmail Hi there!I have a splunk instance running in centos. In SOAR, I have implemented the APP connecting it through IMAP t... by jcandiatch2009 New Member in Splunk SOAR 08-18-2021 0 0	0	0
Download files from Phantom case via REST API Hello,I'm currently creating a Python script which takes a Splunk Phantom Case as input and creates an Incident Respo... by hariomenkel Explorer in Splunk SOAR 08-18-2021 1 5	1	5
SAML SSO Intergration Phantom with Okta Hi I am doing OKTA SAML integration with Phantom and getting the below error.SAML2 Authentication Error'NoneType' obj... by ramanpuri2510 Loves-to-Learn Lots in Splunk SOAR 08-12-2021 0 0	0	0
Splunk Phantom SAML SAML2 authentication error Signature missing for response We were configuring our phantom instance for saml sso login and we are encountering the following error.SAML2 authent... by eugeneAq Engager in Splunk SOAR 08-12-2021 0 2	0	2
Phantom Version Dependency Check Failed - Installing App Attempting to install VMRay 2.0 Phantom App but I'm getting "Phantom Version Dependency Check Failed" error message. ... by arentahmasian New Member in Splunk SOAR 08-10-2021 0 0	0	0
Getting failed to communicate with platform component: phantom_decided when try to save a playbook Hello,I'm currently exploring Splunk Phantom or Splunk SOAR. When I try to create a new playbook or copy and save any... by tekybala New Member in Splunk SOAR 08-06-2021 0 1	0	1
Get container timeline history via REST Hi.I need to extract container timeline events via the REST API in order to generate analyst, playbook and action tim... by bongo Explorer in Splunk SOAR 08-04-2021 0 1	0	1
How to add filed from raw data into artifacts when the original syslog was forwarded to phantom, some key filed(like srcIP/dstIP) was missing artifact. these key... by Qingguo Engager in Splunk SOAR 07-30-2021 0 1	0	1
quarantine device using ISE After integration with ISE 2.4 successfully , I test action of quarantine for a device , phantoms shows it has been ... by Qingguo Engager in Splunk SOAR 07-29-2021 0 0	0	0
Passing Variables Between Functions I'm attempting to pass a variable/value between custom functions in a playbook. I've done this before without issue, ... by Mr Loves-to-Learn Lots in Splunk SOAR 07-23-2021 0 0	0	0
phantom vault different filenames with same content have same vaultid hi phantom team,I have a simple use case to rename a filename in vault.As its immutable, I copied the contents to vau... by sunilpanda023 Path Finder in Splunk SOAR 07-21-2021 0 0	0	0
Playbook stops in between without completing Hi All,I am quite new to Phantom. I have written few plabooks which works perfectly as intended when run from the deb... by shaquibk Explorer in Splunk SOAR 07-12-2021 0 2	0	2
Bulk Resolution for Playbook Prompts? Hi All,Is there a way to simultaneously/bulk respond to multiple notifications generated by prompt actions, or an adm... by PistolShrimp Engager in Splunk SOAR 07-06-2021 0 1	0	1
Phantom Architecture Concern Hi All,Good Day!!This is an Splunk Phantom Architecture question, which we are in the intial stage of building the Sp... by YeswanthReddy Engager in Splunk SOAR 06-30-2021 0 3	0	3
Playbook multiple run on the same event I am noticing for some of our events our playbooks run multiple times on the same event. How can I go about keeping t... by crayford Explorer in Splunk SOAR 06-29-2021 0 2	0	2
change the status of incident on Splunk Phantom Hi,I would like to know if we change the status of incident on Splunk Phantom, can we automatically notify user? by eye893 New Member in Splunk SOAR 06-28-2021 0 1	0	1
Phantom playbook I am able to run an action (whois ip from whois app) successfuly. However, if i put this action as part of a playboo... by brunofernandez Explorer in Splunk SOAR 06-14-2021 0 5	0	5
Usage of the phantom action -> phantom app -> find artifacts action Hi team, I'm using Phantom to create playbooks and I would like to know how the find artifact is used when I create a... by MimiThePrince New Member in Splunk SOAR 06-11-2021 0 1	0	1
Phantom warm standby script username/password authentication - Would you consider it a best practice to type a password into a prompt from a 3rd party script?- What if the 3rd pa... by bearcat Engager in Splunk SOAR 06-07-2021 1 0	1	0
Phantom Runner number of suggestions Our Phantom's DECIDED process often crashes for performance reasons.We suspect this is caused by the low number of ru... by PwC-Kimmy Explorer in Splunk SOAR 05-19-2021 0 1	0	1
Callback actions on container's status change Hi,I would like to know if there is the possibility to automatically trigger a playbook when there is a change in the... by drew19 Path Finder in Splunk SOAR 05-10-2021 0 5	0	5
How can I encrypt the keystore partition of my Splunk Phantom deployment? Introduction Splunk Phantom ingests objects from connected assets, such as your firewall, services like VirusTotal, M... by mconverse_splun Splunk Employee in Splunk SOAR 05-06-2021 0 0	0	0