Hello,
I am trying to find a native solution in order to monitor the execution of a Phantom Playbook. In case one of the actions fail, or a specific message/data is returned by a custom function, d...
...ould like to clarify what are expected actions inPhantom app.
[ Issue description ]
We configured Saved Search Export in Event Forwarding. Here are our observation from our test. As a result, we do n...
Good morning,
I woud like to test SplunkPhantom Community Edition in my home lab. When I try to install it following the documentation, the following error appears:
About to proceed with Phantom...
Issue: Phantom Add-on for Splunk – is not saving any changes done on Saved searches and below error is observed in logs internally. Error observed inInternal logs : 2022-11-17 17:19:1...
i have Multiple event forwardings enabled on my Phantom App for Splunk that use saved searches to trigger notable events to phantom. I had recently we upgraded the App from ver 4.0.35 to 4.1.73...
...ith this use ease". This answer is that this is my interpretation of the Splunk ES and Phantomintegration. I want to be able to use Phantom to collect evidence, conduct additional searches and close t...
I am using Splunk Enterprise and wish to automatically forward events to Phantom. I am able to send events to Phantom with a saved search using the Phantom add-on. However, to send events to Phantom...
My the Phantom app's phantom_forwarding.log generated such logs: phantom_forward:129 - C:\Program Files\Splunk\etc\apps\phantom\bin\scripts\phantom_forward.py called without a session token. D...
...ant to send the results of this carbon black search back into Splunk
I can see that i can use the Splunk App inPhantom and use the postdata command.
However i only seem to be able to sned back o...