All Apps and Add-ons

Security Essentials

pglover
Engager

Hi all,

A 3rd party has installed Splunk SE and it hasn't been fully configured. I'm looking at the Basic Malware Outbreak and it references symantec, how do I amend this to include our antivirus?

Labels (1)
0 Karma
1 Solution

richgalloway
SplunkTrust
SplunkTrust

Copy the SPL from SSE into a new search in your app.  Make the necessary changes.  Save it as an alert.

---
If this reply helps you, an upvote would be appreciated.

View solution in original post

0 Karma

richgalloway
SplunkTrust
SplunkTrust

Copy the SPL from SSE into a new search in your app.  Make the necessary changes.  Save it as an alert.

---
If this reply helps you, an upvote would be appreciated.

View solution in original post

0 Karma