| How can I retrieve the file name was uploaded/shared in any collaboration tool excluding the ones generating by the a... by Stanley_Learn Loves-to-Learn Lots in Splunk Enterprise Security 07-03-2023 0 6 | 0 | 6 | ||
| Where can I see ES content searches performance in terms of avg. time taken to run a particular correlation rule or s... by deodeshm Explorer in Splunk Enterprise Security 06-21-2023 0 1 | 0 | 1 | ||
| Hello! I am trying to exclude a specific computer_name from showing up in our carbonblack index in Splunk using a Hea... by MJA411 Explorer in Splunk Enterprise Security 06-09-2023 0 10 | 0 | 10 | ||
| There are two selection "enable to risk index" and "enable to test index" from Content Management view, but these two... by goji Path Finder in Splunk Enterprise Security 06-08-2023 2 0 | 2 | 0 | ||
| I'm a newbe and I try to configure Security Essential to search "net user /DOMAIN" discovery on my AD server. I've ... by Araton71 Explorer in Splunk Enterprise Security 06-07-2023 0 2 | 0 | 2 | ||
| Hello friends. I had a question for you I wanted to see how I can convert an alert in Splank to IODEF format? by b3hnam New Member in Splunk Enterprise Security 06-01-2023 0 1 | 0 | 1 | ||
| Some users reported that the investigations functionality is not available for them in the Enterprise Security app. W... by szabados Communicator in Splunk Enterprise Security 05-31-2023 0 2 | 0 | 2 | ||
| Thanks in advance for your time and assistance. I have a Splunk Enterprise Security correlation search intended to tr... by Sven Engager in Splunk Enterprise Security 05-24-2023 0 2 | 0 | 2 | ||
| Hi all.I have recently started working on my workplace's Splunk and I got a request - to display all alerts that has ... by BestestCohen New Member in Splunk Enterprise Security 05-23-2023 0 3 | 0 | 3 | ||
| Used a search from the Splunk Risk Framework page: http://dev.splunk.com/view/enterprise-security/SP-CAAAFBD Search:... by stuartmcintosh New Member in Splunk Enterprise Security 05-22-2023 0 9 | 0 | 9 | ||
| Hi, How can I configure a Correlation Search in ES to add risk to 2 objects (src & dest)? I can only configure a Ad... by chris Motivator in Splunk Enterprise Security 05-22-2023 0 7 | 0 | 7 | ||
| Version of Splunk DB Connect 3.13.0 is only supported for splunk 9.0 and older version 8.2 or 8.1 is there any soluti... by jetmirhoxha29 New Member in Splunk Enterprise Security 05-19-2023 0 1 | 0 | 1 | ||
| In ES 6.6.x and higher, what is the meaning of "Parse Domain from URL" under the Global Setting of Threat Intelligenc... by teresachila Path Finder in Splunk Enterprise Security 05-18-2023 0 1 | 0 | 1 | ||
| I have set up my intel download however when i run `http_intel` multiple IOC/values are grouped into a single row. H... by bluewizard Explorer in Splunk Enterprise Security 05-18-2023 0 4 | 0 | 4 | ||
| Hey everyone, I've looked around for a little and but was trying to find out if there was a way to backup and do vers... by claxpum0n New Member in Splunk Enterprise Security 05-17-2023 0 3 | 0 | 3 | ||
| I am trying to pull up the Risk Event Timeline for a Risk Notable in my Incident Review Dashboard. Every time I cli... by stewlarsen New Member in Splunk Enterprise Security 05-17-2023 0 5 | 0 | 5 | ||
| Hi All,We have installed Splunk Enterprise Security 7.0.1 and OT for security add-on on it, and we would like to upgr... by VK18 Explorer in Splunk Enterprise Security 05-16-2023 0 0 | 0 | 0 | ||
| It looks like Sophos' approach to SIEM integration when using Sophos Central (their cloud management offering) is to ... by gf13579 Communicator in Splunk Enterprise Security 05-15-2023 0 11 | 0 | 11 | ||
| Hello, I have a lookup table with numbers, where it checks the numbers that match the error_code 11. index="cdrs" "er... by Miguel3393 Path Finder in Splunk Enterprise Security 05-09-2023 0 1 | 0 | 1 | ||
| What is the best way to deal with building searches and alerting in a Hyper-V environment in which VMs pull MAC addre... by gg74 Engager in Splunk Enterprise Security 05-09-2023 0 3 | 0 | 3 | ||
| Hello,I have a lookup table with numbers, where it checks the numbers that match the error_code 11.index="cdrs" "erro... by Miguel3393 Path Finder in Splunk Enterprise Security 05-05-2023 0 5 | 0 | 5 | ||
| The ES Incident Review page still lists deleted Correlation Searches Names in the Multiselect box "Correlation Search... by rphillips_splk Splunk Employee 3 5 | 3 | 5 | ||
| Hi folks,[Current scenario]When a role is created with capabilities, I am receiving one event for the role creation a... by vinoth_raj Path Finder in Splunk Enterprise Security 05-04-2023 0 3 | 0 | 3 | ||
| I would like to figure out a way to update an existing notable event via a rest api. I would specifically like to kno... by harshanagaraj Explorer in Splunk Enterprise Security 05-04-2023 1 13 | 1 | 13 | ||
| Hi,I was wondering how we could download the specific notables into csv or text format from incident review panel i... by Raj Builder in Splunk Enterprise Security 05-02-2023 0 2 | 0 | 2 |