Hi guys, I tried installing Splunk Phantom as an underprivileged user as per the documentation: https://docs.splunk.com/Documentation/SOARonprem/5.0.1/Install/InstallUnprivileged Although I p...
Hi,
I have a simple AWS environment, and want to create an EC2 instance with the Splunk SOAR (On-premises) AMI from the Amazon Marketplace running on it.
I am following these i...
Splunk SOAR (On-premises) installs with a default license, the Community License. The Community License is limited to: 100 licensed actions per day; 1 tenant; 5 cases in the New or Open s...
Hello, I am trying to gather important logs from the daemons (in order to forward them to an external SIEM) that I could use to fire an alert when one of the following occurs: 1. an automated p...
SOAR version 5.1.0.70187 on-prem installation. Can you please advise, how I can install a Python 2 app from the source code?
The Python 2 app in question is GitHub - splunk-soar...
Hi everyone, I have limited disk space on the /var/log path, so I am trying to manage Phantom log rotation (following this link: Configure the logging levels for Splunk SOAR (On-premises) daemons - Splunk D...
We had previously been successfully using the Splunk SMTP app for SOAR (Phantom) until the beginning of this year. We are currently on v5.5.0 of SOAR and v2.3.0 of the SMTP app. I am w...
Hi, I'm doing prep work for my 8.2.6 upgrade to 9.0.1 and I have a couple of apps which are not listed as compatible with 9.0 in Splunkbase. These are: Splunk Datasets Add-on | Splunkbase Splunk S...
....0.1, ES 6.1.1, Phantom Add-On 3.0.5 and Phantom Community Edition 4.8.24304; all are the latest versions as of 5/25/20.
My use case for the playbook is as follows:
1 - ES Correlation Search c...