Archive

Should I hide Extreme Search?

Builder

All,

I just installed ES. We're moving nice and slow here. I see it installs a supporting app called "Extreme" Search. Is there any reason to leave this isVisible=true? Should I just hide it from the menu's or is this something eventually users really get into?

0 Karma

Communicator

Hi,

Extreme Search is used to help you answer qualitative questions like "is the amount of critical malware normal?" George Starcher wrote an excellent introduction to it here: http://www.georgestarcher.com/splunk-getting-extreme-part-one/

The version in Enterprise Security is pretty old, and IIRC the visualizations it ships are broken; you might want to download this to get a better feel for what it can do: https://splunkbase.splunk.com/app/2855/#/details

At the end of the day, it's step one in a sequence... see https://www.scianta.com/xvcs for the latest tech.