Splunk Enterprise Security

Threat Intelligence Searches Not Populating threat_activity Index

Path Finder

The search "Threat - Source and Destination Matches - Threat Gen" is working and producing results, only the results aren't ending up in the threat_activity index where I would expect them to be. Does anyone know the dependencies I should be checking to ensure those events eventually end up in the Threat Activity dashboard?

0 Karma
Get Updates on the Splunk Community!

Improve Your Security Posture

Watch NowImprove Your Security PostureCustomers are at the center of everything we do at Splunk and security ...

Maximize the Value from Microsoft Defender with Splunk

 Watch NowJoin Splunk and Sens Consulting for this Security Edition Tech TalkWho should attend:  Security ...

This Week's Community Digest - Splunk Community Happenings [6.27.22]

Get the latest news and updates from the Splunk Community here! News From Splunk Answers ✍️ Splunk Answers is ...