Splunk Enterprise Security

Threat Intelligence Searches Not Populating threat_activity Index

joeldavideng
Path Finder

The search "Threat - Source and Destination Matches - Threat Gen" is working and producing results, only the results aren't ending up in the threat_activity index where I would expect them to be. Does anyone know the dependencies I should be checking to ensure those events eventually end up in the Threat Activity dashboard?

0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In November, the Splunk Threat Research Team had one release of new security content via the Enterprise ...

Index This | Divide 100 by half. What do you get?

November 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...

Stay Connected: Your Guide to December Tech Talks, Office Hours, and Webinars!

❄️ Celebrate the season with our December lineup of Community Office Hours, Tech Talks, and Webinars! ...