Splunk® Phantom (Legacy)

Release Notes

This documentation does not apply to the most recent version of Splunk® Phantom (Legacy). For documentation on the most recent version, go to the latest release.

Welcome to Splunk Phantom 4.10.6

If you are new to Splunk Phantom, read About Splunk Phantom in the Use Splunk Phantom manual to learn how you can use Splunk Phantom for security automation.

Begin your Splunk Phantom installation by reviewing the following documentation:

Planning to upgrade from an earlier version?

If you plan to upgrade to this version from an earlier version of Splunk Phantom, read Prepare your Splunk Phantom deployment for upgrade in the Install and Upgrade Splunk Phantom manual.

Splunk Phantom requires incremental upgrades from earlier versions. Do not skip any required versions when upgrading Splunk Phantom.

These release notes are in addition to the release notes for Splunk Phantom 4.10.0, Splunk Phantom 4.10.1, Splunk Phantom 4.10.2, Splunk Phantom 4.10.3, and Splunk Phantom 4.10.4.

End of support for TLSv1.1

This release of Splunk Phantom ends support for TLSv1.1. The nginx configuration is updated to TLSv1.2 during upgrade.

If you wish to manually update to TLSv1.2, do the following steps:

For privileged deployments

  1. Edit the file /etc/nginx/conf.d/default.conf.
    1. Change the ssl_protocols setting to TLSv1.2;.
    2. Change the ssl_session_cache setting to shared:TLS:2m;.
  2. Restart nginx.

For unprivileged deployments

  1. Edit the file <PHANTOM_HOME>/usr/nginx/conf/conf.d/phantom-nginx-server.conf.
    1. Change the ssl_protocols setting to TLSv1.2;.
    2. Change the ssl_session_cache setting to shared:TLS:2m;.
  2. Restart nginx.

What's new in 4.10.6

This release of Splunk Phantom includes the following enhancements.

New Feature or Enhancement Description
Updated urllib3 to version 1.26 The updated urllib3 now correctly enforces the difference between http and https proxies. If you have previously set up a proxy for Splunk Phantom, you must make sure it correctly responds to http or https requests and has valid certificates.
Updated NGINX to version 1.21.1 The NGINX package has been updated to version 1.21.1 in order to remediate the following:
Last modified on 04 August, 2021
  Known Issues in this release of Splunk Phantom

This documentation applies to the following versions of Splunk® Phantom (Legacy): 4.10.6

Acrobat logo Download manual
Acrobat logo Download this page

Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters