Splunk Enterprise Security

Rest call to app/SplunkEnterpriseSecuritySuite/ess_notable_suppression_list to pull the details.

tonymorin
Explorer

app/SplunkEnterpriseSecuritySuite/ess_notable_suppression_list

I need to pull a report from the Notable Event Suppressions I am not sure how.

Label Description Start Time Expiration Time Status

Thanks in advance.

Labels (1)
0 Karma
.conf21 CFS Extended through 5/20!

Don't miss your chance
to share your Splunk
wisdom in-person or
virtually at .conf21!

Call for Speakers has
been extended through
Thursday, 5/20!