topic Re: Do u please have a few useful Correlation searches (SPLs) related to UBA for ES? in Splunk Enterprise Security https://community.splunk.com/t5/Splunk-Enterprise-Security/Do-u-please-have-a-few-useful-Correlation-searches-SPLs-related/m-p/561599#M10148 <P>Have you checked any of the ES Content Update or Splunk * Essentials apps?&nbsp; Keep in mind the most useful UBA-related searches are likely confined to the UBA app itself.</P> Sat, 31 Jul 2021 16:50:14 GMT richgalloway 2021-07-31T16:50:14Z Do u please have a few useful Correlation searches (SPLs) related to UBA for ES? https://community.splunk.com/t5/Splunk-Enterprise-Security/Do-u-please-have-a-few-useful-Correlation-searches-SPLs-related/m-p/561564#M10147 <P>I need a few useful Correlation searches (SPLs) to keep a close eye on user (internal or malicious) behavior in ES please? Thank u in advance.</P> Fri, 30 Jul 2021 20:52:16 GMT https://community.splunk.com/t5/Splunk-Enterprise-Security/Do-u-please-have-a-few-useful-Correlation-searches-SPLs-related/m-p/561564#M10147 SamHTexas 2021-07-30T20:52:16Z Re: Do u please have a few useful Correlation searches (SPLs) related to UBA for ES? https://community.splunk.com/t5/Splunk-Enterprise-Security/Do-u-please-have-a-few-useful-Correlation-searches-SPLs-related/m-p/561599#M10148 <P>Have you checked any of the ES Content Update or Splunk * Essentials apps?&nbsp; Keep in mind the most useful UBA-related searches are likely confined to the UBA app itself.</P> Sat, 31 Jul 2021 16:50:14 GMT https://community.splunk.com/t5/Splunk-Enterprise-Security/Do-u-please-have-a-few-useful-Correlation-searches-SPLs-related/m-p/561599#M10148 richgalloway 2021-07-31T16:50:14Z