Splunk® Phantom (Legacy)

Administer Splunk Phantom

Splunk Phantom 4.10.7 is the final release of Splunk's Security Orchestration, Automation, and Response (SOAR) system to be called Splunk Phantom. All later versions are named Splunk SOAR (On-premises). For more information, see the Splunk SOAR (On-premises) documentation.

Locate long-running playbooks for debugging or troubleshooting in Splunk Phantom

Use the Automation page to locate playbooks that have been running for a long time.

As an example, suppose your system health indicators show heavy utilization, but you are not aware of any process that must be running for a long period of time. You can start on the Automation page to see if any playbooks might be running intensive applications or experiencing other problems.

Perform the following tasks to access the Automation page:

  1. From the Main Menu, select Administration.
  2. Select System Health > Automation.
Last modified on 25 January, 2020
Enable and download audit trail logs in Splunk Phantom   View the playbook run history in Splunk Phantom

This documentation applies to the following versions of Splunk® Phantom (Legacy): 4.8, 4.9, 4.10, 4.10.1, 4.10.2, 4.10.3, 4.10.4, 4.10.6, 4.10.7

Was this topic useful?

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters