Splunk SOAR (f.k.a. Phantom)

Issues with Microsoft Exchange On-Premise EWS polling



We are using Microsoft Exchange On-Premise EWS app version 2.0.29 (Upgraded from 2.0.17) and we are experiencing some issues with Polling.

First of all the "oldest first" parameter seems to work as "latest first" and the "latest first" works as "oldest first".

Secondly the Scheduled/interval polling is working this way (more or less in every single test I have made):

- First iteration: brings the Max emails per scheduled polling.

-Second iteration: brings the first iteration number of emails.

-Third iteration: brings the max emails per scheduled polling.

-After that it does not bring any more emails despite the fact that there are more pending emails to bring.


As well it seems that there is a cache when I try the same emails and there are some emails missing when I execute the Scheduled polling over the same set of emails.


Can you help please?


Thank you!


Labels (1)
0 Karma

Path Finder


Have you tried the previous version 1.0.105? We raised a support case for the latest version for similar issues and they are looking into a fix as the state file isn't filled out correctly.

Oldest first for us didn't work at all, so we had to use latest which puts everything out of order.

0 Karma



For app related issues, you can try reporting it Phantom Support / or to the developer of the App.

In the meantime, just revert to the working app version while the issue is being identified / fixed in the newer version.


0 Karma
Get Updates on the Splunk Community!

The Splunk Success Framework: Your Guide to Successful Splunk Implementations

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Splunk Education believes in the value of training and certification in today’s rapidly-changing data-driven ...

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

As security threats and their complexities surge, security analysts deal with increased challenges and ...