Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
204 results
Sorted by:
08-06-2020
11:13 AM
What is best practice for the HEC endpoint(s) for the "Phantom Remote Search" app in a clustered environment? Per the instructions in the url below for configuring the "Phantom Remote Search" app...
Labels
- Labels:
-
configuration
-
installation
10-11-2021
06:14 PM
...f we go with one index with multiple sourcetypes also during add-on update, will there be any impact? https://splunkbase.splunk.com/app/4153/
Labels
06-29-2021
09:07 PM
...xternal Splunk instance (both Indexer & Search head) but the Splunk is on Cloud (saas product) 1. My question is would it support for building the Splunk Phantom with out Splunk embedded i...
Labels
- Labels:
-
installation
08-23-2022
11:25 AM
I use "the Splunk Phantom Remote Search app" to connect the Phantom to the Splunk Enterprise, it works fine until after migrating the Splunk indexer cluster to new servers, my Phantom stop forward l...
Labels
01-03-2020
12:34 PM
I have not been able to see any of the logs in splunk that we are supposed to. We added the Phantom remote search app to splunk and have it configured, but i am not able to see a connection p...
01-23-2019
09:56 AM
1 Karma
Does the Phantom Remote Search app get installed on my Enterprise Security Search Head, a HEC server, or another server all together? Seems there are search, HEC inputs, and index portions yet it's o...
08-17-2016
10:26 AM
We have a well established Splunk app on an instance which is serving as a Search Head and an Indexer. However, there are some data there which needs to be forwarded to some other site, which hosts a...
11-04-2018
01:18 AM
1 Karma
...reate their own saved search exports, however, don't want them to see each other's export details.
So basically my problem is that if I give their Splunk users permissions to the Phantom app then they c...
Labels
- Labels:
-
administration
-
configuration
-
using Phantom
05-05-2021
04:46 AM
Hi, I would like to know if there is the possibility to automatically trigger a playbook when there is a change in the status of a container (e.g. when it becomes "Closed")? Thank you in advance!
Labels
- Labels:
-
using Phantom
