Splunk Enterprise Security

Splunk CIM Validator: Issue Field validation error "no validation regex was found to evaluate"

dheerajdwiv
Engager

While validating the varonis logs using Splunk CIM Validator App, I am getting following error "no validation regex was found to evaluate" for " severity_id" field even though all the values are properly being extracted 100%. What steps are exactly needed to fix this error? Please help
alt text

0 Karma
Get Updates on the Splunk Community!

Splunk Enterprise Security 8.0.2 Availability: On cloud and On-premise!

A few months ago, we released Splunk Enterprise Security 8.0 for our cloud customers. Today, we are excited to ...

Logs to Metrics

Logs and Metrics Logs are generally unstructured text or structured events emitted by applications and written ...

Developer Spotlight with Paul Stout

Welcome to our very first developer spotlight release series where we'll feature some awesome Splunk ...