Hi all,
On a similar note to this question, I would also like to know the complete list of pre-configured correlation searches available in ES 4.0.
We don't have ES installed and therefore I can't run the REST query suggested there, but I need this information in order to discuss the list internally before we can proceed with the POC and evaluation.
Thanks,
Javier
Actually I'm going to answer myself as I just discovered I can have my own ES instance online and it's free for the next 15 days.
Hello Javiergn,
Although you have already figured out the Enterprise Security sandbox yourself (link: http://blogs.splunk.com/2015/09/24/try-splunk-enterprise-security-for-free/), now you can see the searches and queries running to power them.
- Saurabh