I get this error when i attempt to add a server totheSplunkPhantomApp on Splunk Enterprise. I have added thephantom role tothe admin role within Splunk Enterprise. I have disabled SSL v...
I used a custom function that parses out email addresses from an alert, I used thephantom.add_artifact function to add the artifact tothe container. I am then using a filter to check forthe a...
Hi all,
I am trying to use the screenshot machine API to get an The image is not displayed properly.
We have confirmed that the API is working properly and The execution history shows the f...
...integrations are intact and I did successfully push notable to Prod during troubleshooting. Splunk Cloud was recently updated to 9.0Splunk Enterprise 9.0 is compatible with current PhantomApp...
...ired Tiger storage engine, and update your MongoDB version from 3.6 to4.2. These updates are required in Splunk Enterprise 9.0. See Migrate the KV store storage engine in the Admin&n...
Phantomversion4.1.94
Splunkversion 6.6.5
SplunkPhantomApp 2.5.23
ES version4.7.1
When go toSplunk ES Notables, there also not able to see "Send toPhantom" action in "Run Adaptive R...
My thePhantomapp's phantom_forwarding.log generated such logs: phantom_forward:129 - C:\Program Files\Splunk\etc\apps\phantom\bin\scripts\phantom_forward.py called without a session token. D...
We are trying toforward the events tophantom via datamodel export function. when we click on save and preview , we are getting the option button "Send toPhantom". But when clicked we are getting a...
Hello Everyone.. Please reply if you have any solution to add show more and show less function in splunk dashboard table column. lets say there is one table with 4 columns - C1, C2, C3, C4 and 5 r...
SplunkappforPhantom supports running a query on Splunk. I am trying to use foreach in my query, but the action fails with an error
| foreach x_* [ eval f_{<<FIELD>>}=if(i...