How do I get my Incident Review in ES to auto refresh, without having to manually auto refresh it from the browser. by mr_t2083 Explorer in Splunk Enterprise Security 02-15-2024 1 8 | 1 | 8 | ||
Hello Team We have a UBA 3-nodes architecture. Unfortunately, SAML authentication is required. We added the SAML xml ... by adol83 Explorer in Splunk User Behavior Analytics 02-14-2024 0 1 | 0 | 1 | ||
Hi Guys, I would ask how to add a link on the next steps form. on the correlation search I read: "Add a link to an ... by aasabatini Motivator in Splunk Enterprise Security 02-14-2024 0 5 | 0 | 5 | ||
Hello, How do I obtain an NFR license (or the like)? We have integrations with Splunk but no way to test/evaluate th... by DRWhite1 New Member in Splunk Enterprise Security 02-13-2024 0 2 | 0 | 2 | ||
Hi Everyone,We`ve created a new TA to get data in from an API - this was done on the HF and the data is being sent to... by tomapatan Communicator in Splunk Enterprise Security 02-09-2024 0 1 | 0 | 1 | ||
Why I can't I see data on Splunk ES Non-corporate Web Uploads? When I click on the user, I get mariangelie.rodriguez... by jamesbanday New Member in Splunk Enterprise Security 02-08-2024 0 1 | 0 | 1 | ||
Hi Folks, lately MC started behaving little wired, after performing investigation whenever SOC analyst trying to redu... by vishenps Path Finder in Splunk Mission Control 02-08-2024 0 3 | 0 | 3 | ||
Hi peeps, We were fine tuning the Notable Event, and there were fields that were not showing any values. Those fields... by syazwani Path Finder in Splunk Enterprise Security 02-08-2024 0 3 | 0 | 3 | ||
Hi All,The data checkpoint file for windows logs is taking up a lot of disk space (over 100 GB).Where can I check the... by navarec Explorer in Splunk Enterprise Security 02-07-2024 1 0 | 1 | 0 | ||
I was wondering if anyone knew where I could find it either in the logs or even better the audit REST endpoint if an ... by bcline-lm New Member in Splunk SOAR (f.k.a. Phantom) 02-07-2024 0 0 | 0 | 0 | ||
Hi, I am looking send an email to user with simple yes/no response which I can then use to handle the case. I know Pa... by rodneyjerome Explorer in Splunk SOAR (f.k.a. Phantom) 02-07-2024 0 2 | 0 | 2 | ||
We wonder what the identity, Asset, File and URL Extraction fields are in the Notable set-up of the correlation searc... by danielbb Motivator in Splunk Enterprise Security 02-07-2024 0 3 | 0 | 3 | ||
Our current SOAR servers, fresh install on AWS EC2s, 500's each night. Upon investigation, it looks like there's this... by catherinelam Loves-to-Learn in Splunk SOAR (f.k.a. Phantom) 02-06-2024 0 4 | 0 | 4 | ||
As the title suggests, I got some SSL certs from my teams, but because the default SSL port is 8443, it's not recogni... by catherinelam Loves-to-Learn in Splunk SOAR (f.k.a. Phantom) 02-06-2024 0 0 | 0 | 0 | ||
Hi all,In my AD computer account deletion correlation search, I use _time and subjectusername in throttling fields fo... by AL3Z Builder in Splunk Enterprise Security 02-05-2024 0 3 | 0 | 3 | ||
hello all!is there a default time that events (containers/cases) are stored in the SOAR server to approach to?and if ... by meshorer Path Finder in Splunk SOAR (f.k.a. Phantom) 02-04-2024 0 5 | 0 | 5 | ||
Hi all,I need to clarify the correlation searches within SOAR. Is there any way to identify them? by AL3Z Builder in Splunk SOAR (f.k.a. Phantom) 02-03-2024 0 5 | 0 | 5 | ||
Hi,I would like to know about the triggered notable events from CS without accessing the incident review dashboard, a... by AL3Z Builder in Splunk Enterprise Security 02-03-2024 0 1 | 0 | 1 | ||
I need to calculate the average number of events in the last hour and compare it with the number of events in the las... by Haleb Explorer in Splunk Enterprise Security 02-02-2024 0 1 | 0 | 1 | ||
Having issues with fetching investigations in incident review.Investigation is added for the alert but when accessing... by dood9999 Engager in Splunk Enterprise Security 02-01-2024 0 0 | 0 | 0 | ||
Hello,We have PROD and DEV instance that are both running Mission Control with the following versions below:PROD - ES... by kevinmabini Engager in Splunk Mission Control 02-01-2024 0 2 | 0 | 2 | ||
Hey folks, does anyone know of a straightforward way to get a count of the number of times each playbook is used as a... by jenniandthebets Explorer in Splunk SOAR (f.k.a. Phantom) 01-31-2024 1 2 | 1 | 2 | ||
I am looking for a query to list out CrowdStrike Agent versions installed. What is the latest version, are the client... by smithahc1966 New Member in Splunk Enterprise Security 01-30-2024 0 1 | 0 | 1 | ||
I'm looking to close out (or delete) all notable events that were created prior to a specific date time. The way the... by gbam Observer in Splunk Enterprise Security 01-28-2024 0 1 | 0 | 1 | ||
What health check items would you configure for Ent. Security app. for general purpose of for Security watch purposes... by SamHTexas Builder in Splunk Enterprise Security 01-27-2024 0 2 | 0 | 2 |
Splunk has training and education options for everyone, whether it's your first or fiftieth deployment.