Hello community, I have come across the issue when I got identical token generated for SOAR user "REST" that I am using for SIEM-SOAR integration and the same was in the Splunkapp for SOAR. When I...
Hi All,
Today I have upgraded Splunk version from 6.5.3 to 7.1.2 in my lab environment and found that Splunk 6.5 Overviewapp still exists in spite overwriting with new version overviewapp. S...
Hello! I'm working on setting up the integration between SplunkSOAR and Splunk using the SplunkApp for SOAR Export. I was able to configure my SOAR server in the app and verify connectivity, but I...
We had previously been successfully using the Splunk SMTP app for SOAR (Phantom) until the beginning of this year. We are currently on v5.5.0 of SOAR and v2.3.0 of the SMTP app. I am w...
...rime and Assignment Group should be always a particular team Service Now queue name. By using the current App in Splunk Phantom I dont know how to set my required fields.
Kindly suggest.
I am trying to make a custom function for Cybereason, however as I am not so familiar with Python I was wondering if there is a way to pull the credentials from the existing app so that I do not h...
I installed the SplunkApp for SOAR Export app on Splunk, and I can see two alert options in manage alerts, namely 'Run Playbook in SOAR' and 'Send to SOAR'. However, when I go to add an alert a...
Hi all,
I have installed the latest SplunkSOAR (5.4) on my instance for testing. The default https port is set to 8443. I have tried to force the port to be on 443 by using the --https-port 443 o...
I'm trying to use the SplunkApp for SOAR to forward logs and events from SOAR to Splunk Enterprise. The servers seem to be connected (test connectivity works) but the data (events, playbook runs e...