Splunk SOAR

Community Activity

How can I encrypt the keystore partition of my Splunk Phantom deployment? Introduction Splunk Phantom ingests objects from connected assets, such as your firewall, services like VirusTotal, M... by mconverse_splun Splunk Employee in Splunk SOAR 05-06-2021 0 0	0	0
Active Directory/LDAP connection and authentication debug script This article applies to Splunk Phantom versions 4.6 , 4.5 , 4.2 , 4.1 , 4.0 , 3.5 , 3.0 , 2.1 , 2.0 The Active Direct... by kevinh_splunk Splunk Employee in Splunk SOAR 04-23-2021 0 0	0	0
Playbook run results in the "user parameter must be of type string" error This article describes a workaround when you run a playbook and see the "user parameter must be of type string" error... by kevinh_splunk Splunk Employee in Splunk SOAR 04-23-2021 0 0	0	0
Avoid port conflicts when installing Splunk Phantom on a system with an existing Splunk universal forwarder NOTE: These steps were verified using Phantom version 4.2.7532 and Splunk Universal Forwarder version 7.2.6.Network p... by kevinh_splunk Splunk Employee in Splunk SOAR 04-23-2021 0 0	0	0
Keeping accurate time on your Splunk Phantom virtual machine In some cases, the Splunk Phantom virtual appliance can lose its time synchronization with the system time. For examp... by kevinh_splunk Splunk Employee in Splunk SOAR 04-22-2021 0 0	0	0
How to I use the REST API to create multiple assets in Splunk Phantom? This article provides an example of how to use the Splunk Phantom REST API to create multiple assets. This may be use... by kevinh_splunk Splunk Employee in Splunk SOAR 04-22-2021 0 0	0	0
phantom request Hello,I had just signed up for phantom - community edition and was wondering how long the request takes to be approve... by mratnan New Member in Splunk SOAR 04-21-2021 0 0	0	0
Install the latest Cisco ISE app in Splunk Phantom Team, Good day!I will need to install Cisco ISE in Splunk Phantom. I have the new instance of Splunk Phantom installe... by geinermiranda New Member in Splunk SOAR 04-21-2021 0 2	0	2
Phantom can't receive the events from splunk I installed the Phantom App for Splunk & CIM app.And connectivity testing between Splunk and Phantom is passed.I crea... by PwC-Kimmy Explorer in Splunk SOAR 04-14-2021 0 0	0	0
minimum requirements and partition configurations for phantom Hi, Anyone know the partitioning table needed for a clustered phantom installation. by edgarsilva01 Path Finder in Splunk SOAR 04-13-2021 0 0	0	0
Splunk community into Hyper-v Hi,Has anyone tried to mount the community ova on a Hyper-V?I have tried various methods of converting OVA (VMDK) to ... by makitos New Member in Splunk SOAR 04-12-2021 0 0	0	0
Cofense Triage Add-On account credentials In the cofense addon https://splunkbase.splunk.com/app/5253/this confused me for a while on what the credentials wher... by jonxilinx Path Finder in Splunk SOAR 04-07-2021 1 1	1	1
Phantom Time Change How do you update the time in phantom for daylight savings time? We are using NTP on the server and the server time i... by dustymiller New Member in Splunk SOAR 04-07-2021 0 1	0	1
Add a User to an AD group using Phantom Would it be easier to use a custom phantom playbook to Add a user to a specific AD group from an event trigger, inste... by splunk_user4 Explorer in Splunk SOAR 04-07-2021 0 1	0	1
How to enrich the endpoint tickets for MacOS Jamf Host Lookup? How can I enrich the endpoint tickets, where the ticket is for a MacOS host, lookup the host in Jamf and return the f... by brandylee1993 Explorer in Splunk SOAR 04-02-2021 1 2	1	2
How to pass data from one playbook to its subplaybook How can we pass data from one playbook to its sub playbook? by ansusabu Communicator in Splunk SOAR 03-31-2021 0 9	0	9
Retrieving phantom playbooks via CLI I'm currently having trouble accessing Phantom via web gui, it's giving 500 error.I just need to retrieve the custom ... by taeshin New Member in Splunk SOAR 03-24-2021 0 1	0	1
Automatically Forward Events to Phantom I am using Splunk Enterprise and wish to automatically forward events to Phantom. I am able to send events to Phantom... by jhuapl123454321 Explorer in Splunk SOAR 03-11-2021 0 9	0	9
For-cycles within playbooks, and variable in a single playbook and cross-playbooks Hi,what is the best way to:keep a variable in a single playbook (e.g. a counter that is needed only in one single run... by drew19 Path Finder in Splunk SOAR 02-25-2021 0 13	0	13
Delete containers with a playbook Is there a way to automatically delete some containers within a playbook? by drew19 Path Finder in Splunk SOAR 02-24-2021 0 5	0	5
Playbook scheduling without containers Is there a way to schedule a playbook run without having any container? Is it possible? by drew19 Path Finder in Splunk SOAR 02-24-2021 0 2	0	2
Phantom Microsoft Exchange On-Premise EWS - number of retrievable emails Hi everyone, with Phantom version 4.10.1.45070 and app version 3.0.3 I noticed that the maximum number of emails that... by drew19 Path Finder in Splunk SOAR 02-24-2021 0 0	0	0
Error phantom_forward:129 Splunk_home\etc\apps\phantom\bin\scripts\phantom_forward.py called without a session token. My the Phantom app's phantom_forwarding.log generated such logs: phantom_forward:129 - C:\Program Files\Splunk\etc\ap... by chaixl Explorer in Splunk SOAR 02-04-2021 1 4	1	4
Disable Active Playbook from Automatically Running When Artifact Added Hello All! I'm trying to figure out how to stop an active playbook from auto running when an artifact is added to a ... by stauff Explorer in Splunk SOAR 02-04-2021 0 1	0	1
Running Phantom playbook separately for each artifact I've noticed that it's possible to run a playbook in scope of one single artifact using Playbook Debuger. Is there an... by dewu94 Explorer in Splunk SOAR 02-02-2021 1 6	1	6