Upgrade the Splunk Phantom App for Splunk on Splunk Cloud Platform

Upgrade the Splunk Phantom App for Splunk to ensure that you can use the full functionality of the add-on.

Considerations before upgrading the Splunk Phantom App for Splunk

Read the following important information before upgrading the Splunk Phantom App for Splunk:

• Downgrading from release 2.6.22 or higher of the Splunk Phantom App for Splunk to release 2.5.23 or lower is not supported.
• When upgrading to this release of the Splunk Phantom App for Splunk from release 2.5.23 or earlier, it is recommended to upgrade to each intermediate version so that Splunk Phantom server configurations are properly converted and updated to newer formats. For example, to upgrade from release 2.5.23 to release 3.0.5, first upgrade to release 2.6.22 or 2.7.5, and then upgrade to release 3.0.5. Releases 2.6.22 and 2.7.5 both have the same server configuration, so you only need to upgrade to one of them.
• Before upgrading the Splunk Phantom App for Splunk, work with Splunk Support to backup your files by copying the $SPLUNK_HOME/etc/apps/phantom directory to another location that's not under $SPLUNK_HOME/etc/apps.

Upgrade the Splunk Phantom App for Splunk

Submit a support request to the Splunk Cloud Platform team to assist you with upgrading the Splunk Phantom App for Splunk on Splunk Cloud Platform.

Re-enter the credentials for alert action configurations

You must re-enter the credentials for alert action configurations after upgrading to this release of the Splunk Phantom App for Splunk.

1. Navigate to the Splunk Phantom App for Splunk.
2. Click on the Configurations tab.
3. Click and expand the Alert Action Configuration section.
4. Select Manage > Edit.
5. Enter the password for this configuration
6. Click "Save'.