Install Splunk Phantom on CentOS 7
Hi all,
I assume that you have spun up a CentOS 7 VM and have a valid Phantom account (you can register at https://my.phantom.us/), a running Splunk instance and a running Active Directory Domain Controller.
Log in to your VM and perform an update by running yum update.
After the update has completed, install the Phantom repository package by running the command below.
rpm -Uvh https://repo.phantom.us/phantom/4.8/base/7/x86_64/phantom_repo-4.8.24304-1.x86_64.rpm
*** To get the latest release, please visit the Phantom page.
Go to /opt/phantom/bin
Start the installer by running the command below.
./phantom_setup.sh install
You will see warnings related to disk space; if you are setting this up in a production environment, take all of the warnings seriously.
The installer will ask you for a username and password. This is the username and password pair that you use to log in to the https://my.phantom.us page.
Log in to the web UI:
https://splunkphantomcore01.northeurope.cloudapp.azure.com:443
The default username is admin and the default password is password.
Change your password at first logon 🙂 and continue with the initial configuration.
Regards.