Monitoring Splunk

Possible bugs/typos

thipsz
Explorer

Propably event format for field transformations "outbound_interface_for_checkpoint" is incorrect and it should be "outbound_interface::$1"

Also fields extraction "opsec : REPORT-rule_for_opsec" refers to transform rule that doesn't exist.

0 Karma

alacercogitatus
SplunkTrust
SplunkTrust

Not a question, contact the App Author to report bugs/typos.

http://apps.splunk.com/app/1454/ - Check Contact info in the Bottom Right.

alacercogitatus
SplunkTrust
SplunkTrust

No worries, please accept this answer if it addressed your need. Thanks!

0 Karma

thipsz
Explorer

My appologies.

0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In January, the Splunk Threat Research Team had one release of new security content via the Splunk ES Content ...

Expert Tips from Splunk Professional Services, Ensuring Compliance, and More New ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Observability Release Update: AI Assistant, AppD + Observability Cloud Integrations & ...

This month’s releases across the Splunk Observability portfolio deliver earlier detection and faster ...