Log in to the Splunk SOAR (On-premises) web interface
Perform the following tasks to log in to the Splunk SOAR (On-premises) web interface after installation is complete.
- Using a web browser, go to the IP address you assigned to Splunk SOAR (On-premises).
- If you installed Splunk SOAR (On-premises) as an unprivileged user, log in to Splunk SOAR (On-premises)'s web interface at the custom HTTPS port.
https://<ip address or hostname>:<your https port>
- If you installed Splunk SOAR (On-premises) as an unprivileged user, log in to Splunk SOAR (On-premises)'s web interface at the custom HTTPS port.
- Log in using the default credentials. Use soar_local_admin as the username and password as the password.
- Change the soar_local_admin user's password:
- Click the user name soar_local_admin, then select Account Settings.
- Click the Change Password tab.
- Type the current password.
- Type a new password.
- Type a new password a second time to confirm.
- Click Change Password.
Log in to Splunk SOAR (On-premises) using SSH
To SSH into the Splunk SOAR (On-premises) instance perform the following steps:
- Open a terminal window.
- SSH to your Splunk SOAR (On-premises) instance's operating system
ssh phantom@<hostname or IP address of Splunk SOAR (On-premises)>.
Remote SSH is turned off for the root user. The accounts user and phantom have sudo permissions. You can use the account user to administer the operating system.