I can't find any material for studying the Splunk Security Essentials app. Is there any documentation or videos explaining that app?
How do you get the data into the SSE app?
Do I have to use CIM to change the source type to a common name that SSE will understand?
If you look here, https://splunkbase.splunk.com/app/3435/#/details, you can find all the information you are looking for in very detailed listings. It also includes a link to a video.
Hope this helps ...