I've recently moved from an on-prem Splunk SOAR to the SaaS-based SOAR Cloud and am wondering if there's an equivalent to delete_containers.py script for Cloud? I'm aware we can't run b...
Hi Splunkers, we have to connect our On Prem SOAR Solution (Palo Alto Cortex) to a Splunk Cloud instance. The dedicated SOAR integrations use API and ask: Username Password URL/Hostname/IP A...
...tc.) isn't being indexed and doesn't appear in search in Splunk. I tried reindexing the data through SOAR but it didn't work. Adding audit input in the app is working fine, but data isn't being in...
Hey all, I'm trying to find a way to bulk delete containers via the API in SOAR Cloud. Had an issue where Splunk created ~8000 containers to one of my labels when testing, and no way am I...
Hi Team, could you please help me with running a query in Splunk? The query starts with | ldapsearch. Run query only has the commands search, tstats, eval, savedsearch, stats. Could you please guide me on t...
Hello
I installed Splunk SOAR successfully on CentOS 7
entered the IP address and port and it opened for me Splunk SOAR logging page
I entered the credentials I remember used when installing t...
...hat comes with SOAR, adding a user called "user" and trying that password. None of it works, and after 5 attempts it ruins the installation and I have to scuttle the VM and start over. Anyone run into t...
....9, Splunk App for SOAR 1.0.41, and SOAR (Unprivileged, On-prem) v6.0.0.114895. What's interesting is I can see the events being created in Splunk Enterprise in the phantom_action_run index: Does a...