All Apps and Add-ons

Typo in test search for "Sources Sending a High Volume of DNS Traffic/Live Data/Must have firewall data" (SSE 2.4.1)

chris_barrett
SplunkTrust
SplunkTrust

The search that drives the "Live Data"/"Must have firewall data" test for the "Sources Sending a High Volume of DNS Traffic" example is missing the 'tag=' from in front of 'network'.

Noticed in version 2.4.1 - I'm not sure if it affects earlier versions too.

0 Karma
1 Solution

David
Splunk Employee
Splunk Employee

Fixed in dev (and verified it wasn't copy-pasted anywhere)! This will be shipped in SSE 2.4.2, thank you!

View solution in original post

0 Karma

David
Splunk Employee
Splunk Employee

Fixed in dev (and verified it wasn't copy-pasted anywhere)! This will be shipped in SSE 2.4.2, thank you!

0 Karma
Get Updates on the Splunk Community!

Unleash Unified Security and Observability with Splunk Cloud Platform

     Now Available on Microsoft AzureOn Demand Now Step boldly into the AI revolution with enhanced security ...

Enterprise Security Content Update (ESCU) | New Releases

In March, the Splunk Threat Research Team had 2 releases of security content via the Enterprise Security ...

Join the Splunk Developer Program Hackathon: Splunk Build-a-thon!

The Splunk Developer Program is launching in beta, and we’re celebrating with an exciting hackathon! This is ...