Splunk SOAR

Community Activity

How to schedule a Phantom playbook to run at specific intervals? I have completed Phantom playbook that I need to run every 5 minutes. I know that the Timer app can be used to schedu... by AlexBryant Path Finder in Splunk SOAR 05-28-2020 0 3	0	3
change index value based on the dropdown selection So as per the Daily and Monthly selection index has to vary Daily = index1Monthly=index2 Thanks in Advance! <fieldset... by kavyakanne Engager in Splunk SOAR 05-17-2020 0 4	0	4
EWS for Office 365 encoding error "unknown encoding: windows-874" We're receiving this error from an email that it is unable to process Apr 30 16:34:37 splunk-phantom01-nonprod SPAWN[... by aocvy Engager in Splunk SOAR 05-04-2020 0 0	0	0
How to get incident details from Cherwell using Phantom playbook ? Phantom and Cherwell are integrated. I am planning to create a playbook that fetches the incident details assigned to... by mkrishnan Engager in Splunk SOAR 05-01-2020 0 1	0	1
Unable to configure additional Phantom App repo We want to deliver app updates to Phantom automated via git, we do not want to upload a new app each time one is upda... by aocvy Engager in Splunk SOAR 05-01-2020 0 3	0	3
Configuring App - Error - Missing required fields secrect,key Hi,I am installing an App and fill out the required information under Asset Info and Asset settings. Under Asset sett... by akg12106 New Member in Splunk SOAR 04-20-2020 0 4	0	4
Forwarding Splunk events to Phantom automatically Hi , I have integrated splunk with Phantom and can send the events to phantom by clicking on send to Phantom button. ... by rishma Explorer in Splunk SOAR 04-16-2020 0 6	0	6
How can I determine my Phantom Version? How do I find which version of Phantom I'm running from the console/ssh? (Captured question from Phantom Community Sl... by sam_splunk Splunk Employee in Splunk SOAR 04-15-2020 0 1	0	1
Phantom: How to retrieve audit logs from Phantom and ingest into Enterprise Security on Splunk? I want the below audit information from Phantom server ingested into Splunk ES and how to retrieve it?1) Login Succes... by sdubey_splunk Splunk Employee in Splunk SOAR 04-10-2020 0 2	0	2
How to unzip and parse an email attachment in Phantom Phantom is monitoring an email box for me, and every email will have exactly one attachment: a zipped .msg file. I ne... by AlexBryant Path Finder in Splunk SOAR 03-25-2020 0 1	0	1
I was wondering if any of you had a cheat sheet to make playbooks to help automate my job for beginners. So pretty much, -Grabs the list of all vulnerabilities from big fix and/or tenable -get subnets of the modes we will ... by robgray8430 New Member in Splunk SOAR 03-17-2020 0 0	0	0
Phantom: How to generate a report on cases that are created ? Team, I am looking for a way to generate a summary report on cases that we have in Phantom ? Which will include case ... by mkrishnan Engager in Splunk SOAR 03-16-2020 1 1	1	1
Events not received in Phantom I have created an alert in Splunk that fires off once a particular type of event is detected and also configured an a... by damode Motivator in Splunk SOAR 03-09-2020 0 8	0	8
Phantom environment is not stable occasionally ! 1) We have installed Phantom on Linux server and while executing playbooks in automation mode ,Our platform is gettin... by saikiran334 Explorer in Splunk SOAR 03-04-2020 0 3	0	3
Questions about Phantom License: Counting User Seat (User Base) Hi Team, Could you please help me with the questions about Counting User Seat.Also, If there is, It is happy to tell ... by kfunayama_splun Splunk Employee in Splunk SOAR 03-04-2020 0 1	0	1
configure Phantom app in Splunk through RestApi Hi, Trying to post the token and servername from the Phantomserver, into the Phantom app on the Splunk-server. This a... by ucz350 Path Finder in Splunk SOAR 03-04-2020 0 3	0	3
I wonder about the configuration of phantom. Hello. I wonder about the configuration of phantom. Question 1.Most of company in Korea need to separated network suc... by ragonfly New Member in Splunk SOAR 03-03-2020 0 2	0	2
installation using rpm - authorization We have been working on getting an installation of phantom running in a centos:7 docker container using rpm, but are... by kwells0479 Explorer in Splunk SOAR 02-13-2020 0 4	0	4
Phantom Playbook calling playbook block synchronous I have a top level playbook that calls two playbooks, on that does some analysis and the second one that promotes the... by dphegarty New Member in Splunk SOAR 02-07-2020 0 1	0	1
Embed rich view in phantom custom app We have a python script that basically does "ip address -> ... python-generated splunk calls + viz api calls -> url o... by leomeyerovich Explorer in Splunk SOAR 01-31-2020 0 0	0	0
Create table of paramaterized links in Phantom When looking at the result of a Phantom automation, say on IP1 & IP2 + User1 & User2, we'd like to also have a table ... by leomeyerovich Explorer in Splunk SOAR 01-31-2020 0 0	0	0
Are there any locking or concurrency guarantees when playbooks are operating on a container? Question: Are there any locking or concurrency guarantees when playbooks are operating on a container? Issue I am try... by buzz_gt New Member in Splunk SOAR 01-31-2020 0 0	0	0
Issue to Map fields between QRadar and Phantom Hello, I'm using the QRadar integration on Phantom, and we can define the mapping between Phantom and QRadar.I got an... by flogo New Member in Splunk SOAR 01-30-2020 0 1	0	1
Example of how to investigate and remediate phishing emails with Splunk Phantom? Does anyone have examples of how to use Splunk Phantom to investigate and remediate phishing emails? by sloshburch Ultra Champion in Splunk SOAR 01-30-2020 0 1	0	1
Example of how to hunt for threats with Splunk Phantom? Does anyone have examples of how to use Splunk Phantom to hunt for threats? by sloshburch Ultra Champion in Splunk SOAR 01-30-2020 0 1	0	1