...eed to make sure any member of my 24/7 security operations center can run the playbook. I'm looking for a way they can initiate the playbook without explicitly logging into Phantom. Is there a way that a...
Hello,
I am using the action RunplaybookinPhantom. Splunk can send the alert, but without fields created on Splunk. I have created the same fields on Phantom but the mapping was not performed.
I want to trigger aSplunk SOAR playbook to iterate through a list of hosts every hour and check if they are online in our EDR tool, and if they are online to display a message to the user via the E...
InSplunk ES, under the alert actions for saved searches, there are 2 options for sending alerts to Phantom.
Send to PhantomRunPlaybookinPhantom
For some reason the "Send to Phantom...