Splunk SOAR

Discussions

Thread Info

Phantom - registration approval pending

Hello, I tried to register 1 year ago without success. I tried again today but it says I’m already registered (but I ...

by New Member in

Phantom: What role is best for a user creating a playbook?

Hi, I was hoping someone would be able to let me know the correct role to choose for a user whose responsibility w...

by New Member in

Phantom: Can I disable port 80 on phantom server?

Phantom: Can I disable port 80 on phantom server? Is it possible to disable port 80 on Phantom server and what is ...

by Splunk Employee in

Phantom unable to install phantom app digitalshadows and fails with connection to pypi.org timeout?

I am trying to install Phantom app: install digitalshadows-1.0.1 published in Phantom Marketplace (https://my.phantom...

by Splunk Employee in

Phantom : Warm-standby failover is not working as the filesystem size of /opt/phantom/db is more than /tmp/? How to fix it?

Warm-standby failover is not working as the filesystem size of /opt/phantom/db is more than /tmp/. How to fix it?

by Splunk Employee in

Installing Splunk Phantom on CentOS 7.6. RPM file in installation guide is invalid

Hello all, I am attempting to install Splunk Phantom 4.5 (not the Phantom App for Splunk) on a CentOS 7.6 VM on ES...

by Explorer in

Process filters losing information

Anyone running into an issue where process filters(filters/decisions) will randomly lose assigned values causing play...

by New Member in

Remove all events from phantom

Hello, is there a way to remove all events from phantom

by New Member in

How to Delete Multiple container

There could be tens to hundreds of containers that would like to be deleted. What is the best way to delete these?

by Splunk Employee in

Phantom System Health Check

Would like to ask on how can we determine if the System Health being shown is still within threshold and will not aff...

by Splunk Employee in

Phantom Splunk App - "post data" action API error

I'm attempting to use the "post data" action of the Splunk app in Phantom. I'm fairly certain that I've correctly ...

by Engager in

How to separate saved search exports in Phantom app for different Splunk users?

I work in an environment where there are different projects for different developers. I want each project to receive ...

by Explorer in

phantom subscription model

Does anyone know what is the Phantom subscription? Previously, a free version was limited to 10 playbook or 25 eve...

by New Member in

Phantom app for Splunk

There was an error adding the server configuration. Verify server's 'Allowed IPs' and authorization configuration. ...

by New Member in

How do I create a phantom playbook that takes data from a splunk alert and post it to a REST api?

Hi,I am totally new to Splunk and phantom. Please help me with the below idea.I want to create a Phantom playbook tha...

by New Member in

How to Phantom Playbook

Hi, there I am sorry for the basic questions.Please tell me about the following. What is the definition of Play...

by New Member in

Splunk App for Phantom to export Raw Logs

I am using App Version 2.5.23: Go to the app and click on “new saved search Export” I have created the saved sear...

by Splunk Employee in

Schedule/PreviewWindow configure on Splunk for Phantom App

[ Splunk deployment/architecture ] Splunk Enterprise: 7.2.0 / Standalone / CentOS 7.4 Phantom App for Splunk：2.6.2...

by Splunk Employee in

Where should I download Phantom app?

I've downloaded Splunk 7 and installed the Phantom app for Splunk. But, I found out that my Phantom app is differe...

by Explorer in

How to get Splunk fields as artifacts into Phantom?

Hi, trying to get Palo Alto alerts for critical, high and medium threat alerts from Splunk into Phantom. In pha...

by Explorer in

Phantom Issue ---"File contains parsing errors: [line 2]: '\xef\xbb\xbf# Version 7.2.1\n'"

Hi Splunkers, We are trying to forward the events to Phantom via data model export function. When we click on save...

by Path Finder in

Phantom 3.5.x Adaptive Response Action in Splunk ES 5.1

I'm trying to integrate Splunk ES 5.1 running on Splunk Core 7.1. I have the Phantom app configured, connected to ...

by Engager in

Why is compile_app.py failing to install my phantom app?

I'm working my way through the phantom appdev tutorial and can't get past an annoying issue when attempting to compil...

by Communicator in

Why am I getting an error when using the Send to Phantom alert action?

Splunk Version: 7.1.2Phantom App for Splunk Version: 2.5.23 My alerts are being triggered successfully, but there ...

by Explorer in

How to find out what SIM model is established for the security logs in Splunk?

by Contributor in

Get Updates on the Splunk Community!

Stay Connected: Your Guide to November Tech Talks, Office Hours, and Webinars!

What are Community Office Hours? Community Office Hours is an interactive 60-minute Zoom series where ...

Index This | When is October more than just the tenth month?

October 2025 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious! We’re back with this ...

Observe and Secure All Apps with Splunk

Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

Splunk SOAR

Discussions

Phantom - registration approval pending

Phantom: What role is best for a user creating a playbook?

Phantom: Can I disable port 80 on phantom server?

Phantom unable to install phantom app digitalshadows and fails with connection to pypi.org timeout?

Phantom : Warm-standby failover is not working as the filesystem size of /opt/phantom/db is more than /tmp/? How to fix it?

Installing Splunk Phantom on CentOS 7.6. RPM file in installation guide is invalid

Process filters losing information

Remove all events from phantom

How to Delete Multiple container

Phantom System Health Check

Phantom Splunk App - "post data" action API error

How to separate saved search exports in Phantom app for different Splunk users?

phantom subscription model

Phantom app for Splunk

How do I create a phantom playbook that takes data from a splunk alert and post it to a REST api?

How to Phantom Playbook

Splunk App for Phantom to export Raw Logs

Schedule/PreviewWindow configure on Splunk for Phantom App

Where should I download Phantom app?

How to get Splunk fields as artifacts into Phantom?

Phantom Issue ---"File contains parsing errors: [line 2]: '\xef\xbb\xbf# Version 7.2.1\n'"

Phantom 3.5.x Adaptive Response Action in Splunk ES 5.1

Why is compile_app.py failing to install my phantom app?

Why am I getting an error when using the Send to Phantom alert action?

How to find out what SIM model is established for the security logs in Splunk?

Stay Connected: Your Guide to November Tech Talks, Office Hours, and Webinars!

Index This | When is October more than just the tenth month?

Observe and Secure All Apps with Splunk

Benefit of using Custom Functions vs Creating a Ap...

Assigning Alerts/Cases Across Teams with Restricte...

SOAR Automation

splunk soar run query action in splunk APP

Help with Display Extracted List Items Vertically ...

Splunk SOAR

Are you a member of the Splunk Community?

Discussions