So I've found that to get these dashboards to work in my environment, I had to make the following changes in all the searches:
change hg_event_description to cef_name
change hg_event_type to cef_signature
change hg_threat_score to cef_severity
(just a reminder: on each dashboard, click on "Edit" then "Edit Source", make the changes in the xml, then click "Save")
need to mark this as answered...
View solution in original post