The classic playbook editor will be deprecated in early 2025. Convert your classic playbooks to modern mode.
After the future removal of the classic playbook editor, your existing classic playbooks will continue to run, However, you will no longer be able to visualize or modify existing classic playbooks.
For details, see:
After the future removal of the classic playbook editor, your existing classic playbooks will continue to run, However, you will no longer be able to visualize or modify existing classic playbooks.
For details, see:
Log in to the web interface
Perform the following tasks to log in to the web interface after installation is complete.
- Using a web browser, go to the IP address you assigned to .
- If you installed as an unprivileged user, log in to 's web interface at the custom HTTPS port.
https://<ip address or hostname>:<your https port>
- If you installed as an unprivileged user, log in to 's web interface at the custom HTTPS port.
- Log in using the default credentials. Use soar_local_admin as the username and password as the password.
- Change the soar_local_admin user's password:
- Click the user name soar_local_admin, then select Account Settings.
- Click the Change Password tab.
- Type the current password.
- Type a new password.
- Type a new password a second time to confirm.
- Click Change Password.
Log in to using SSH
To SSH into the instance perform the following steps:
- Open a terminal window.
- SSH to your instance's operating system
ssh phantom@<hostname or IP address of >.
Remote SSH is disabled for the root user. The accounts user and phantom have sudo permissions. You can use the account user to administer the operating system.
Last modified on 16 September, 2024
| Install as an unprivileged user | About clusters |
This documentation applies to the following versions of Splunk® SOAR (On-premises): 6.3.0
Download manual
Feedback submitted, thanks!