Splunk Enterprise Security

How to get a complete list with descriptions of correlation searches in the Splunk Enterprise Security app

Thor1
New Member

How to get a complete list with descriptions of correlation searches in the Splunk Enterprise Security app with sourcetype and severity ?

Tags (2)
0 Karma

Jhunter
Explorer

(A bit off your specific question but perhaps helpful)
The use case library - has data dependencies listed for use cases

https://docs.splunk.com/Documentation/ES/6.2.0/Admin/Usecasecontentlibrary

 

0 Karma

richgalloway
SplunkTrust
SplunkTrust

I've never been able to find such a list.  The best you can do is a query to show the correlation searches available on your SH.  See https://docs.splunk.com/Documentation/ES/6.2.0/Admin/Listcorrelationsearches

---
If this reply helps you, Karma would be appreciated.
0 Karma
Get Updates on the Splunk Community!

Take Your Breath Away with Splunk Risk-Based Alerting (RBA)

WATCH NOW!The Splunk Guide to Risk-Based Alerting is here to empower your SOC like never before. Join Haylee ...

Industry Solutions for Supply Chain and OT, Amazon Use Cases, Plus More New Articles ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Enterprise Security Content Update (ESCU) | New Releases

In November, the Splunk Threat Research Team had one release of new security content via the Enterprise ...