Splunk Enterprise Security

How to retrieve open incidents from Splunk Enterprise Security?

Is it the proper way to get incidents through a webhook that searches for notable events and sends them to our API?

I could not find a way to retrieve open incidents.

0 Karma