Splunk Enterprise Security

Where do I find the macro "src_dest_tracker" listed in a Corr. search in ES to detect Spyware activity?

SamHTexas
Builder

This posting did not let me share the search string due to it containing HTML code etc. Any advice is appreciated. Thank u 

Labels (1)
0 Karma
Did you miss .conf21 Virtual?

Good news! The event's keynotes and many of its breakout sessions are now available online, and still totally FREE!