![]() ![]() Run make_cluster_node.pyc to make the first cluster node.See Install Splunk Phantom as a virtual appliance. The Splunk Phantom platform combines security infrastructure orchestration, playbook automation, and case management capabilities to integrate your team, processes, and tools to help you orchestrate security workflows, automate repetitive security tasks, and quickly respond to threats. Install Splunk Phantom as a virtual appliance, once for each node you need in your cluster.Use the following checklist for a virtual machine images cluster with external services See Run make_cluster_node.pyc.īuild a cluster with external service servicesīuild a more robust cluster, putting each of the services on its own server or group of servers to serve multiple cluster nodes of Splunk Phantom. See Install Splunk Phantom as a virtual appliance. Install Splunk Phantom as a virtual machine image, once for each node you need in your cluster. ![]() Run the make_server_node.pyc script to build your Shared Services server.See Install Splunk Phantom to an existing server with RPM. Install a privileged instance of Splunk Phantom using RPM.Use the following checklist for a Single Shared Services server Any problems on the Shared Services server impact your entire Splunk Phantom cluster. A single Shared Services server becomes a single point of failure. for example: if you have correlation search in Splunk that alerts when phishing email is found. This mode is primarily intended for Proof of Value or demonstrations. Phantom is mainly used to automate repetitive tasks. This configuration is not recommended for production use. The most basic version of a Splunk Phantom cluster is a single Shared Services server connected to multiple instances of Splunk Phantom. It cannot be reverted.īuild a cluster with a single Shared Services server Azure Sentinel IBM Resilient Security Orchestration, Automation and Response (SOAR) Platform Proofpoint Threat Response FireEye Helix ServiceNow Security. Create a Splunk Phantom Cluster from an OVA installationĬonverting a Splunk Phantom virtual machine to a server or cluster node is a one-way operation. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |