Next Level Automation: What’s New with Splunk Phantom

Security Splunk
Splunk Phantom 4.10 introduced many new enhancements, including the ability to develop playbooks in Python 3. In fact, Python 3 is now the default for Splunk Phantom playbooks. In doing so, we needed to create two different “playbook runners” to ensure we could continue to support playbooks written in Python 2.7 while also supporting Python 3. This may all sound like a bunch of technical jargon, but this process yielded one key epiphany:

If we can support two playbook runners, then why not more!?

With the release of Splunk Phantom 4.10.1, that’s exactly what we did. We now allow you to configure the number of playbook runners, using Python 2 and Python 3. (We call it “vertical scaling.”) It helps you to scale automation at your organization. By configuring multiple playbook runners, a single Splunk Phantom instance can now handle, run and execute multiple actions from different playbooks simultaneously.

Previously, Splunk Phantom was able to kick off one action at a time, creating an artificial bottleneck that wasn’t directly related to system resource utilization. The only resolution for environments experiencing this bottleneck was to move to a cluster model (or add new nodes if they were already in a cluster). In a 4.10.1 world, additional playbook runners can now be used to share the load and ensure Splunk Phantom gets the most out of the resources available to it. Vertical scaling not only allows your playbooks to run concurrently, which saves time; it also enhances performance while reducing the need for managing additional costly hardware.

Ready to try it for yourself? Check out the 4.10.1 release notes or download Phantom 4.10.1 to take advantage of the latest updates.

----------------------------------------------------
Thanks!
Ian Forrest

Related Articles

Splunk Named a Leader in The Forrester Wave™: Security Analytics Platforms, Q4 2022
Security
1 Minute Read

Splunk Named a Leader in The Forrester Wave™: Security Analytics Platforms, Q4 2022

We’re thrilled to share that Splunk has been named a Leader in The Forrester Wave™: Security Analytics Platforms, Q4 2022.
Powering IT / OT Cybersecurity for Manufacturing in the AI Era
Security
5 Minute Read

Powering IT / OT Cybersecurity for Manufacturing in the AI Era

We’re thrilled to share that Splunk has been named a Leader in the IDC MarketScape: Worldwide SIEM 2026 Vendor Assessment.
Splunk Security with the Infosec App
Security
2 Minute Read

Splunk Security with the Infosec App

Get an overview of the InfoSec App for Splunk and learn more about what customers can achieve with it.