Splunk SOAR

Community Activity

Unable to use foreach or dummy encoding in Phantom Splunk queries? Splunk app for Phantom supports running a query on Splunk.I am trying to use foreach in my query, but the action fail... by bowesmana SplunkTrust in Splunk SOAR 11-01-2019 0 4	0	4
How do I delete events id automatically in Phantom? I want to delete events automatically in Phantom. I know that it can be deleted by hand like a picture. How do I w... by oda Communicator in Splunk SOAR 10-31-2019 0 1	0	1
Unable to see events in splunk phantom Hi all,I am very new to phantom. Its my first time dealing with it.I was trying to connect splunk instance to phantom... by bhavneeshvohra Engager in Splunk SOAR 10-31-2019 0 1	0	1
custom status update for notable event using phantom playbook Hi All, I have to update the notable event status using phantom. But the status are custom created ones , not the def... by kvswathi Path Finder in Splunk SOAR 10-31-2019 0 4	0	4
Errno 110 App ElasticSearch Configuration I have been trying to troubleshoot this error for the Elasicsearch application. However, with or without credentials ... by johnteo Explorer in Splunk SOAR 10-30-2019 0 1	0	1
Reversing Labb Testing Connectivity Failed Hi all, my attempt to set up reversing labs app in Splunk Phantom has run into an error. It says: Connectivity test... by johnteo Explorer in Splunk SOAR 10-24-2019 0 1	0	1
Configuring Apps Hello, I have encountered some issues with configuring applications on Splunk Phantom. How do I obtain API keys/URLs ... by johnteo Explorer in Splunk SOAR 10-24-2019 0 1	0	1
Unable to resolve host when cloning the azure devops repo Hello all, I am trying to clone the azure devops repo into the splunk phantom and getting the following error. Pl, ca... by pedavallis New Member in Splunk SOAR 10-24-2019 0 1	0	1
Phantom Requirements Hi everyone, I am having trouble locating the documentation on requirements for the hardware, system and network requ... by johnteo Explorer in Splunk SOAR 10-16-2019 0 1	0	1
splunk phantom install license key cli I was wondering if anyone knows how to install the phantom license key through the cli? Or potentially through some r... by ucz350 Path Finder in Splunk SOAR 10-14-2019 1 3	1	3
Splunk Phantom: How to append each username from LDAP query result into an email body and send? Results from LDAP query: user1user2 I want to send an email for each of this users with the below email body separate... by robertbuscato New Member in Splunk SOAR 09-26-2019 0 7	0	7
Phantom: How can I use a format block to format the results of a Splunk query? I am using Phantom to submit a Splunk query and I can get the results from the action_result.data artifact. Those res... by AlexBryant Path Finder in Splunk SOAR 09-22-2019 0 3	0	3
Phantom : Why are we getting the error "unable to forward this search result: unhashable type: 'dict'" ? We are trying to forward the events to phantom via datamodel export function. when we click on save and preview , we ... by sdubey_splunk Splunk Employee in Splunk SOAR 09-18-2019 0 2	0	2
Phantom app for Cisco Threat Response I searched for the Phantom app for Cisco Threat Response but was unable to find it in Phantom. If such Phantom app ex... by molehu Engager in Splunk SOAR 09-12-2019 0 0	0	0
Using Splunk Phantom post data to send data from Phantom back into Splunk Hi I am new to Splunk Phantom and have so far far Triggered an alert in SplunkThis send the data into PhantomPhantom ... by davidwaugh Path Finder in Splunk SOAR 09-10-2019 0 1	0	1
How do I perform field mapping between Splunk and Phantom when using Run playbook in Phantom ? Hello, I am using the action Run playbook in Phantom. Splunk can send the alert, but without fields created on Splu... by fati_ben_soar New Member in Splunk SOAR 08-28-2019 0 1	0	1
Splunk Phantom Using Splunk Phantomm app and trying to export saved data model filds that are INHERITED parsed and can be forwared b... by borisk95 New Member in Splunk SOAR 08-28-2019 0 1	0	1
Phantom double Parameters send email here an example: Guten Tag Herr Tobias, Tobias Betroffene Plattform IP: 10.11.12.13, 10.11.12.13 Hostname: 244.abc.... by bviehmann New Member in Splunk SOAR 08-28-2019 0 1	0	1
Retention Policy for containers in Phantom Do we have retention policy for the containers in Phantom? When there are huge number of containers in Phantom, it co... by ansusabu Communicator in Splunk SOAR 08-28-2019 0 4	0	4
SubSearch Capability of Phantom App I have a correlation search that uses 2 sub-searches using the inputlookup & NOT commands for whitelisted devices/IPs... by TWiseOne Path Finder in Splunk SOAR 08-28-2019 1 1	1	1
Phantom double Parameters when send email hello I scan systems with nessus on vulnerbilities and send them to splunk. With phantom I could generate emails. An... by bviehmann New Member in Splunk SOAR 08-28-2019 0 5	0	5
Phantom with Splunk Cloud? Hi,we are using Splunk Cloud service and would like to extend it with Phantom.Does anybody know whether this is possi... by fmh Engager in Splunk SOAR 08-28-2019 2 2	2	2
Newbie on Phantom on Check Point I'm working on building a POC to test gateways with Phantom and I can't seem to get this working. I've created an as... by poctalk Engager in Splunk SOAR 08-28-2019 1 3	1	3
Problem with checkpoint and phantom Hi guys!! I have to ask the following question about an integration with phantom, I have raised a 7730 checkpoint and... by manrodriguez Engager in Splunk SOAR 08-28-2019 0 1	0	1
"Cannot connect to WebSocket" - Phantom OVA 4.5 Hi I am facing an issue where I continually keep getting a little pop-up at the top right hand side of the Phantom we... by shivinder Explorer in Splunk SOAR 08-21-2019 2 6	2	6