yes rolled out the Add-on but not the Dashboard
mai purpose is to get input into SES, but will investiagte the dashboard
Also rolled out along with Splunk_TA_windows , TA-Sysmon-deploy, TA_PWChange and a modified System App to blacklist the metrics.log traffic (thought important)
only rolled out to a handfull of systems so far (15),
My company was looking for some similar company who had gone through the install, for reference
i am sure, most of your requirements should be met by this app, or you can request a "Feature Requst" on that github page.
As you are a new user to Splunk Answers, you can upvote the answers/comments, you can select an answer and "accept" it as the answer, so that this question will be moved to answered queue. Happy Splunking!
I was really looking for a reference company , but I really appreciate you answering (and will keep asking splunk for a reference otherwise wont be able to role out to the company)
Note loaded the Dashboard App(3544)
first thing I noticed on the Status dashboard was it wasn't using the same name for identifing a Computer
it uses sysmon | stats count by Computer | sort - count
While the TA uses ComputerName
So doesnot return anything in the search
Will see if anyone has reported to github
Many thanks again