Splunk Enterprise Security

Complete list and descriptions of pre-configured correlation searches in ES 4.0

javiergn
SplunkTrust

Hi all,

On a similar note to this question, I would also like to know the complete list of pre-configured correlation searches available in ES 4.0.

We don't have ES installed and therefore I can't run the REST query suggested there, but I need this information in order to discuss the list internally before we can proceed with the POC and evaluation.

Thanks,
Javier

1 Solution

javiergn
SplunkTrust

Actually I'm going to answer myself as I just discovered I can have my own ES instance online and it's free for the next 15 days.


saurabh_tek
Communicator

Hello Javiergn,
Although you have already figured out the Enterprise Security sandbox yourself (link: http://blogs.splunk.com/2015/09/24/try-splunk-enterprise-security-for-free/), now you can see the searches and queries running to power them. - Saurabh
