Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

How to change time picker for security posture dashboard in ES?

splunky_diamond
Path Finder
‎05-11-2024 01:29 AM

Hello Splunkers!

I want to change the time picker of this dashboard in Enterprise security to provide the count of notables not over the last 24 hours, but over 12 hours. 

splunky_diamond_0-1715415903865.png

I tried changing values related to time in the source code via GUI:

splunky_diamond_1-1715416016049.png

It does not work, for some reason, the changes are not being saved, even though I am hitting the save button. Is there a way to add a time picker for this dashboard, so that we can select our interested time period at any time, and update the dashboard instantly?

Thanks in advance for taking time reading and replying to my post ❤️

Labels (2)
Labels
0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎05-11-2024 02:13 AM

Hi @splunky_diamond,

did you tried to go in [Configure > Incident Review]?

Surely, in this dashboard it's possible to change the time picker of the Incident Review dashboard, I'm not sure that's the same thing also for Securty Posture.

Ciao.

Giuseppe

0 Karma
Reply

splunky_diamond
Path Finder
‎05-11-2024 02:37 AM

Hello @gcusello , 

Thanks for replying to my post!

I am sorry, but I don't think I quite understand what you are suggesting. Just FYI, here are all the available configurations in the [Configure > All configurations]: 

splunky_diamond_0-1715420133299.png

I checked multiple settings, but I don't think any of them relate to a specific dashboard that I am looking to change settings for. 

Cheers,

splunky_diamond.

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎05-11-2024 03:45 AM

Hi @splunky_diamond,

see in [Incident Management > Incident Review Settings]

As I said, in this form you can configure the default Time Picker for the Incident Review dashboard, see (I'm not sure!)  if the same setting is applied also to Security Posture.

Ciao.

Giuseppe

0 Karma
Reply

splunky_diamond
Path Finder
‎05-11-2024 03:54 AM

I checked, it does not apply to Security Posture, but I found something, we can add the time range to that dashboard: 

splunky_diamond_0-1715424852475.png

I just need to figure out how to bind it to my specific dashboard, and it should work!

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎05-11-2024 04:03 AM

Hi @splunky_diamond ,

good for you, see next time!

let me know if I can help you more, or, please, accept one answer (eventually your last) for the other people of Community.

Ciao and happy splunking

Giuseppe

P.S.: Karma Points are appreciated 😉

Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

SOK it to Me: Top 3 Benefits of Using Splunk Operator on Kubernetes that’ll Make ...

    Thursday, July 9, 2026  |  11:00AM–12:00PM PDT Duration: 1 hour (includes Q&A) Managing can feel like a ...

Upgrade Prep for 10.4, Network Observability Deep Dives, and More from Splunk Lantern

Splunk Lantern is Splunk’s customer success center that provides practical guidance from Splunk experts on key ...

Splunk Developer Day announcements: AI agents, MCP tools, Forecasting, and Custom ...

Splunk Developer Day was packed with product and platform updates for developers building in the AI ...