Skip to main content

Splunk SOAR Splunk SOAR

Splunk Phantom, renamed to Splunk SOAR, is a security orchestration, automation, and response (SOAR) solution.

Creating a Splunk SOAR connection

Using Username & Password

To create the connection you need:

  • An API Address
  • A Username
  • A Password
  • A Disable SSL Enforcement

The username and password are the same as those with which you log on to your Splunk instance.

Creating your connection

  1. In the Blink platform, navigate to the Connections page > Add connection. A New Connection dialog box opens displaying icons of external service providers available.
  2. Select the Splunk SOAR icon. A dialog box with name of the connection and connection methods appear.
  3. (Optional) Edit the name of the connection. At a later stage you cannot edit the name.
  4. Select Username & Password as the method to create the connection.
  5. Fill in the parameters:
    • The API Address
    • The Username
    • The Password
    • The Disable SSL Enforcement
  6. (Optional) Click Test Connection to test it.
  7. Click Create connection. The new connection appears on the Connections page.