Splunk Enterprise Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to add new field for filtering in Splunk ES incident review?

gd288288
Observer
‎03-28-2023 08:01 PM

Hi all,

I would like to ask is that a way to add a another field for filtering in the Splunk ES incident review page? Currently there are only some default fields for filtering such as security domain, search type and status 

Regards,

Colin

0 Karma
Reply
Get Updates on the Splunk Community!

Tech Talk | One Log to Rule Them All

One log to rule them all: how you can centralize your troubleshooting with Splunk logs We know how important ...

Splunk Security Content for Threat Detection & Response, Q1 Roundup

Join Principal Threat Researcher, Michael Haag, as he walks through:An introduction to the Splunk Threat ...

Splunk Life | Happy Pride Month!

Happy Pride Month, Splunk Community! 🌈 In the United States, as well as many countries around the ...