Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to change time picker for security posture dashboard in ES?

splunky_diamond
Path Finder
3 weeks ago

Hello Splunkers!

I want to change the time picker of this dashboard in Enterprise security to provide the count of notables not over the last 24 hours, but over 12 hours. 

splunky_diamond_0-1715415903865.png

I tried changing values related to time in the source code via GUI:

splunky_diamond_1-1715416016049.png

It does not work, for some reason, the changes are not being saved, even though I am hitting the save button. Is there a way to add a time picker for this dashboard, so that we can select our interested time period at any time, and update the dashboard instantly?

Thanks in advance for taking time reading and replying to my post ❤️

Labels (2)
Labels
0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
3 weeks ago

Hi @splunky_diamond,

did you tried to go in [Configure > Incident Review]?

Surely, in this dashboard it's possible to change the time picker of the Incident Review dashboard, I'm not sure that's the same thing also for Securty Posture.

Ciao.

Giuseppe

0 Karma
Reply

splunky_diamond
Path Finder
3 weeks ago

Hello @gcusello , 

Thanks for replying to my post!

I am sorry, but I don't think I quite understand what you are suggesting. Just FYI, here are all the available configurations in the [Configure > All configurations]: 

splunky_diamond_0-1715420133299.png

I checked multiple settings, but I don't think any of them relate to a specific dashboard that I am looking to change settings for. 

Cheers,

splunky_diamond.

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
3 weeks ago

Hi @splunky_diamond,

see in [Incident Management > Incident Review Settings]

As I said, in this form you can configure the default Time Picker for the Incident Review dashboard, see (I'm not sure!)  if the same setting is applied also to Security Posture.

Ciao.

Giuseppe

0 Karma
Reply

splunky_diamond
Path Finder
3 weeks ago

I checked, it does not apply to Security Posture, but I found something, we can add the time range to that dashboard: 

splunky_diamond_0-1715424852475.png

I just need to figure out how to bind it to my specific dashboard, and it should work!

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
3 weeks ago

Hi @splunky_diamond ,

good for you, see next time!

let me know if I can help you more, or, please, accept one answer (eventually your last) for the other people of Community.

Ciao and happy splunking

Giuseppe

P.S.: Karma Points are appreciated 😉

Reply
Get Updates on the Splunk Community!

Database Performance Sidebar Panel Now on APM Database Query Performance & Service ...

We’ve streamlined the troubleshooting experience for database-related service issues by adding a database ...

IM Landing Page Filter - Now Available

We’ve added the capability for you to filter across the summary details on the main Infrastructure Monitoring ...

Dynamic Links from Alerts to IM Navigators - New in Observability Cloud

Splunk continues to improve the troubleshooting experience in Observability Cloud with this latest enhancement ...