...ome question popped-up as part of the process:
To which version and products of Splunk we should make the integration? Is it a generic integration to all of them and we only need to switch p...
...integrations are intact and I did successfully push notable to Prod during troubleshooting. Splunk Cloud was recently updated to 9.0 Splunk Enterprise 9.0 is compatible with current Phantom App...
I want the below audit information from Phantom server ingested into Splunk ES and how to retrieve it? 1) Login Success
Failure
I can see only login and logout information in : /var/log/phantom...
https://docs.splunk.com/Documentation/Splunk/9.0.0/Admin/MigrateKVstore#Upgrade_KV_store_server_to_version_4.2 Upgraded Splunk Enterprise version 9.0.0 from 8.2.5
Looking to see how to upgrade m...
Hello,
I recently upgraded Splunk Enterprise (and Heavy Forwarder) instances to 8.2.5 and 8.2.6. Both versions (maybe others too) install the Python Upgrade Readiness App 1.0 as default. Then Splunk...
...s which is the latest and most Stable Splunk Enterprise version 8.x and Splunk ES Version 6.x? Splunk Enterprise Version 8.0.3? 8.0.4? 8.0.5? Splunk ES App version 6.2.0? 6.1.1, 6...
Phantom version 4.1.94
Splunk version 6.6.5
Splunk Phantom App 2.5.23
ES version 4.7.1
When go to Splunk ES Notables, there also not able to see "Send to Phantom" action in "Run Adaptive R...
Does anyone have a cheat sheet for btool to help newbies? Here is my version of btool cheat sheet: splunk btool <conf_file_prefix> <sub-cmd> <context> --debug "%search s...
....0.1, ES 6.1.1, Phantom Add-On 3.0.5 and Phantom Community Edition 4.8.24304; all are the latest versions as of 5/25/20.
My use case for the playbook is as follows:
1 - ES Correlation Search c...