Splunk SOAR

Community Activity

Phantom : Warm-standby failover is not working as the filesystem size of /opt/phantom/db is more than /tmp/? How to fix it? Warm-standby failover is not working as the filesystem size of /opt/phantom/db is more than /tmp/. How to fix it? by sdubey_splunk Splunk Employee in Splunk SOAR 07-17-2019 0 1	0	1
Installing Splunk Phantom on CentOS 7.6. RPM file in installation guide is invalid Hello all, I am attempting to install Splunk Phantom 4.5 (not the Phantom App for Splunk) on a CentOS 7.6 VM on ESXi.... by mdundas Explorer in Splunk SOAR 06-24-2019 1 13	1	13
Process filters losing information Anyone running into an issue where process filters(filters/decisions) will randomly lose assigned values causing play... by mtrossman New Member in Splunk SOAR 06-20-2019 0 0	0	0
Remove all events from phantom Hello, is there a way to remove all events from phantom by impsk New Member in Splunk SOAR 06-18-2019 0 2	0	2
How to Delete Multiple container There could be tens to hundreds of containers that would like to be deleted. What is the best way to delete these? by rsantoso_splunk Splunk Employee in Splunk SOAR 06-16-2019 0 1	0	1
Phantom System Health Check Would like to ask on how can we determine if the System Health being shown is still within threshold and will not aff... by rsantoso_splunk Splunk Employee in Splunk SOAR 06-16-2019 0 1	0	1
Phantom Splunk App - "post data" action API error I'm attempting to use the "post data" action of the Splunk app in Phantom. I'm fairly certain that I've correctly con... by jamescannalte Engager in Splunk SOAR 06-14-2019 0 1	0	1
How to separate saved search exports in Phantom app for different Splunk users? I work in an environment where there are different projects for different developers. I want each project to receive ... by noysherer Explorer in Splunk SOAR 05-28-2019 1 1	1	1
phantom subscription model Does anyone know what is the Phantom subscription? Previously, a free version was limited to 10 playbook or 25 events... by littie New Member in Splunk SOAR 05-24-2019 0 2	0	2
Phantom app for Splunk There was an error adding the server configuration. Verify server's 'Allowed IPs' and authorization configuration. St... by borisk95 New Member in Splunk SOAR 05-11-2019 0 0	0	0
How do I create a phantom playbook that takes data from a splunk alert and post it to a REST api? Hi,I am totally new to Splunk and phantom. Please help me with the below idea.I want to create a Phantom playbook tha... by sujana96 New Member in Splunk SOAR 04-14-2019 0 0	0	0
How to Phantom Playbook Hi, there I am sorry for the basic questions.Please tell me about the following. What is the definition of Playbook t... by cochma New Member in Splunk SOAR 03-17-2019 0 1	0	1
Splunk App for Phantom to export Raw Logs I am using App Version 2.5.23: Go to the app and click on “new saved search Export” I have created the saved search... by rsantoso_splunk Splunk Employee in Splunk SOAR 03-11-2019 0 1	0	1
Schedule/PreviewWindow configure on Splunk for Phantom App [ Splunk deployment/architecture ] Splunk Enterprise: 7.2.0 / Standalone / CentOS 7.4 Phantom App for Splunk：2.6.22 h... by rsantoso_splunk Splunk Employee in Splunk SOAR 03-06-2019 0 1	0	1
Where should I download Phantom app? I've downloaded Splunk 7 and installed the Phantom app for Splunk. But, I found out that my Phantom app is different ... by hiahiahia Explorer in Splunk SOAR 12-13-2018 0 2	0	2
How to get Splunk fields as artifacts into Phantom? Hi, trying to get Palo Alto alerts for critical, high and medium threat alerts from Splunk into Phantom. In phantom... by andreasbischoff Explorer in Splunk SOAR 12-03-2018 0 2	0	2
Phantom Issue ---"File contains parsing errors: [line 2]: '\xef\xbb\xbf# Version 7.2.1\n'" Hi Splunkers, We are trying to forward the events to Phantom via data model export function. When we click on save an... by renjujacob88 Path Finder in Splunk SOAR 11-27-2018 0 0	0	0
Phantom 3.5.x Adaptive Response Action in Splunk ES 5.1 I'm trying to integrate Splunk ES 5.1 running on Splunk Core 7.1. I have the Phantom app configured, connected to the... by claudiocruz Engager in Splunk SOAR 11-20-2018 0 2	0	2
Why is compile_app.py failing to install my phantom app? I'm working my way through the phantom appdev tutorial and can't get past an annoying issue when attempting to compil... by gf13579 Communicator in Splunk SOAR 11-12-2018 0 7	0	7
Why am I getting an error when using the Send to Phantom alert action? Splunk Version: 7.1.2Phantom App for Splunk Version: 2.5.23 My alerts are being triggered successfully, but there is ... by rplas Explorer in Splunk SOAR 11-05-2018 3 1	3	1
How to find out what SIM model is established for the security logs in Splunk? How to find out what SIM model is established for the security logs in Splunk? by ankithreddy777 Contributor in Splunk SOAR 01-12-2017 0 3	0	3