First of all, I'm currently loving the Splunk Security Essentials, so many things to do with it.
One think I would like to do would be after implementing a use case, let's say Basic Scanning, somewhere that could I link the search that was implemented. Maybe on the Manage Bookmarks page?
Or maybe someone has a better approach to doing this inside Splunk?
Hi rafael_szt, there are many solutions, it really depends on what you'd like to achieve. Most likely you would probably just create a new app with a dashboard that features some graphic or report based on the search that you implemented. Oliver
Hello ololdach, thank you for the suggestion.
What I was thing of was mostly to have centralized the use cases that were already implemented in the Splunk Security Essentials (like the Bookmarks dashboard), and the searches that implement them.