Monitoring Splunk
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How do I find Splunk Cloud configuration change events?

lindonmorris
Explorer
‎05-20-2020 04:38 PM

With multiple admins in our Splunk Cloud, we'd like to see any changes made that have a global or app wide impact.

Example: I just deleted a field alias (was: cs_User_Agent_ == http_user_agent).

Searching _audit and _internal for either of those terms, the only results I can find is searches - I can't actually find the event where it was deleted.

Labels (1)
Labels
0 Karma
Reply
Get Updates on the Splunk Community!

Don't wait! Accept the Mission Possible: Splunk Adoption Challenge Now and Win ...

Attention everyone! We have exciting news to share! We are recruiting new members for the Mission Possible: ...

Unify Your SecOps with Splunk Mission Control

In today’s post, I'm excited to share some recent Splunk Mission Control innovations. With Splunk Mission ...

Data Preparation Made Easy: SPL2 for Edge Processor

By now, you may have heard the exciting news that Edge Processor, the easy-to-use Splunk data preparation tool ...