Splunk SOAR

Community Activity

Cofense Triage Add-On account credentials In the cofense addon https://splunkbase.splunk.com/app/5253/this confused me for a while on what the credentials wher... by jonxilinx Path Finder in Splunk SOAR 04-07-2021 1 1	1	1
Phantom Time Change How do you update the time in phantom for daylight savings time? We are using NTP on the server and the server time i... by dustymiller New Member in Splunk SOAR 04-07-2021 0 1	0	1
Add a User to an AD group using Phantom Would it be easier to use a custom phantom playbook to Add a user to a specific AD group from an event trigger, inste... by splunk_user4 Explorer in Splunk SOAR 04-07-2021 0 1	0	1
How to enrich the endpoint tickets for MacOS Jamf Host Lookup? How can I enrich the endpoint tickets, where the ticket is for a MacOS host, lookup the host in Jamf and return the f... by brandylee1993 Explorer in Splunk SOAR 04-02-2021 1 2	1	2
How to pass data from one playbook to its subplaybook How can we pass data from one playbook to its sub playbook? by ansusabu Communicator in Splunk SOAR 03-31-2021 0 9	0	9
Retrieving phantom playbooks via CLI I'm currently having trouble accessing Phantom via web gui, it's giving 500 error.I just need to retrieve the custom ... by taeshin New Member in Splunk SOAR 03-24-2021 0 1	0	1
Automatically Forward Events to Phantom I am using Splunk Enterprise and wish to automatically forward events to Phantom. I am able to send events to Phantom... by jhuapl123454321 Explorer in Splunk SOAR 03-11-2021 0 9	0	9
For-cycles within playbooks, and variable in a single playbook and cross-playbooks Hi,what is the best way to:keep a variable in a single playbook (e.g. a counter that is needed only in one single run... by drew19 Path Finder in Splunk SOAR 02-25-2021 0 13	0	13
Delete containers with a playbook Is there a way to automatically delete some containers within a playbook? by drew19 Path Finder in Splunk SOAR 02-24-2021 0 5	0	5
Playbook scheduling without containers Is there a way to schedule a playbook run without having any container? Is it possible? by drew19 Path Finder in Splunk SOAR 02-24-2021 0 2	0	2
Phantom Microsoft Exchange On-Premise EWS - number of retrievable emails Hi everyone, with Phantom version 4.10.1.45070 and app version 3.0.3 I noticed that the maximum number of emails that... by drew19 Path Finder in Splunk SOAR 02-24-2021 0 0	0	0
Error phantom_forward:129 Splunk_home\etc\apps\phantom\bin\scripts\phantom_forward.py called without a session token. My the Phantom app's phantom_forwarding.log generated such logs: phantom_forward:129 - C:\Program Files\Splunk\etc\ap... by chaixl Explorer in Splunk SOAR 02-04-2021 1 4	1	4
Disable Active Playbook from Automatically Running When Artifact Added Hello All! I'm trying to figure out how to stop an active playbook from auto running when an artifact is added to a ... by stauff Explorer in Splunk SOAR 02-04-2021 0 1	0	1
Running Phantom playbook separately for each artifact I've noticed that it's possible to run a playbook in scope of one single artifact using Playbook Debuger. Is there an... by dewu94 Explorer in Splunk SOAR 02-02-2021 1 6	1	6
Sub Playbooks with Inputs & Outputs Hello All! I'm just starting with Phantom and having a hard time creating "reusable code". To give an example, I ha... by stauff Explorer in Splunk SOAR 02-01-2021 0 2	0	2
Issues with Microsoft Exchange On-Premise EWS polling Hi,We are using Microsoft Exchange On-Premise EWS app version 2.0.29 (Upgraded from 2.0.17) and we are experiencing s... by danieldelacasa Explorer in Splunk SOAR 01-05-2021 0 2	0	2
Phantom MISP - adding attributes with comment I'm trying to add attributes via Phantom MISP app. Adding attributes itself works fine for me when I'm just using pre... by dewu94 Explorer in Splunk SOAR 01-04-2021 0 0	0	0
How to run a Phantom playbook from a Splunk dashboard I have a Phantom playbook that will take security-related actions on any arbitrary host on my network. These actions ... by AlexBryant Path Finder in Splunk SOAR 12-26-2020 0 2	0	2
How to have the "Run Playbook in Phantom" adaptive response to run a specific playbook? Is it possible for the "Run Playbook in Phantom" adaptive response action in ES to automatically run a specific playb... by williamchenyp Explorer in Splunk SOAR 12-26-2020 0 1	0	1
Splunk Phantom Feedback Survey Hi everyone! The Splunk Phantom team is looking for your feedback in this quick 10 minute survey. 20 lucky winners ... by khuang Splunk Employee in Splunk SOAR 12-07-2020 0 0	0	0
Using current container info in a custom function Hi,Within a Custom Function, is it possible to grab information from the current container? For example, I've added t... by s2233 Explorer in Splunk SOAR 12-07-2020 1 1	1	1
invalid token error while communicating through rest API with phantom using splunk by rajafarhat16 New Member in Splunk SOAR 12-01-2020 0 6	0	6
The Splunk Phantom Product Feedback Survey Sweepstakes Official Rules The Splunk Phantom Product Feedback Survey Sweepstakes Official Rules NO PURCHASE OR PAYMENT OF ANY KIND IS NECESSARY... by khuang Splunk Employee in Splunk SOAR 12-01-2020 0 0	0	0
Symantec Enpoint Protection 14 Phantom App While I was checking the SEP 14 Phantom app, 'test connectivity' was working fine, but when it comes to 'Scan endpoin... by ansusabu Communicator in Splunk SOAR 11-30-2020 1 3	1	3
AWS Guardduty App S3 Details Issue The AWS Gaurdduty app from Splunk is not pulling in S3 details, when they normally are included in Gaurdduty alerts.N... by splkphntmuser New Member in Splunk SOAR 10-23-2020 0 0	0	0