Dashboards & Visualizations

Alert to email the contents of the Security Posture dashboard

slider8p2023
Explorer

Hi,

I am trying to create a daily alert to email the contents of the Security Posture dashboard to a recipient.

Can someone please share how I can turn the content of this Dashboard from Splunk ES into a search within an ALert so it can be added to an email and be sent out daily?

Thanks

Labels (1)
0 Karma
1 Solution

gcusello
SplunkTrust
SplunkTrust

Hi @slider8p2023,

you could try to clone it going in https://<your_host>/en-US/app/SplunkEnterpriseSecuritySuite/dashboards and cloning the dashboard, but I'm not sure that it's possible to schedule it.

Otherwise, you should create a custom clone of the Security Posture dashboard using the searches that you can extract from the original dashboard and then schedule it to send by eMail as a pdf.

Ciao.

Giuseppe

View solution in original post

0 Karma

gcusello
SplunkTrust
SplunkTrust

Hi @slider8p2023,

you could try to clone it going in https://<your_host>/en-US/app/SplunkEnterpriseSecuritySuite/dashboards and cloning the dashboard, but I'm not sure that it's possible to schedule it.

Otherwise, you should create a custom clone of the Security Posture dashboard using the searches that you can extract from the original dashboard and then schedule it to send by eMail as a pdf.

Ciao.

Giuseppe

0 Karma

slider8p2023
Explorer

Thanks @gcusello that seemed to work. I cloned the original dashboard panel by panel and saved it as a NON Dashboard studio dashboard. The schedule to export as PDF.

I was un-aware the scheduling of PDF exporting is not available in using Dashboard Studio.

  

0 Karma

gcusello
SplunkTrust
SplunkTrust

Hi @slider8p2023 ,

good for you, see next time!

I still don't use Dashboard Studio because it doesn't still have all the features I use of the Classical Dashboard!

Ciao and happy splunking

Giuseppe

P.S.: Karma Points are appreciated 😉

0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...