Splunk Enterprise Security

Community Activity
kn450
Hello Splunk Community, I am facing an issue and would appreciate your guidance. Currently, I am sending threats (Notab...
by kn450 Explorer in Splunk Enterprise Security 12-26-2025
reyo
I’m a student and I want to download this app. Why can’t I download it?
by reyo New Member in Splunk Enterprise Security 12-25-2025
Abirami_09
Hello Splunk Community, We are planning to deploy Splunk SOAR On-Prem (latest 7.x.x release) in a new High Availabilit...
by Abirami_09 New Member in Splunk Enterprise Security 12-23-2025
splunkreal
Hello, Upgrading Splunk ES 7.3.2 to 8.3.0, how will existing correlation searches be converted with new RBA? Thanks.
by splunkreal Influencer in Splunk Enterprise Security 12-22-2025
kirchoff
Hi all, We intermittently see some ES correlation searches getting “skipped” at their scheduled run time (we confirm t...
by kirchoff Explorer in Splunk Enterprise Security 12-17-2025
arun_kant_sharm
Why am I getting an invalid stanza error in SplunkEnterpriseSecuritySuite? Its *.conf.spec file is present in README sub...
by arun_kant_sharm Path Finder in Splunk Enterprise Security 12-15-2025
JeffBothel
In working with Enterprise Security's notables I am wondering if there is a way that you can search by the time that ...
by JeffBothel Explorer in Splunk Enterprise Security 12-09-2025
jabson
Hi, Our team has recently upgraded to ES 8, we used to have a dashboard that linked notables to closure comments for r...
by jabson New Member in Splunk Enterprise Security 12-09-2025
kvirchenko
Greetings! I am continuously receiving this warning in Messages. "Learn more" recommends to share all knowledge objects gl...
by kvirchenko Engager in Splunk Enterprise Security 12-09-2025
kamalKSharma
Hi, I want to download Splunk Enterprise Security for testing purpose, however when I am trying to download it says D...
by kamalKSharma New Member in Splunk Enterprise Security 12-08-2025
Mirza_Jaffar1
What does this indicate: 06-19-2025 11:09:33.046 +0000 ERROR AesGcm [65605 MainThread] - Text decryption - error in finali...
by Mirza_Jaffar1 Explorer in Splunk Enterprise Security 12-08-2025
ringo227
Hi, I would like to use Splunk to gather email metrics. For example, what email was sent, to whom, whether it had an ...
by ringo227 New Member in Splunk Enterprise Security 12-04-2025
egko
On my current machine, Kvstore is failing. When I restart Splunk, the Kvstore status is "Ready." However, when I click...
by egko Loves-to-Learn in Splunk Enterprise Security 12-03-2025
msalghamdi
Hello Splunkers. How can I add the disposition chart in Splunk Mission Control/Incident Review? as there are only the...
by msalghamdi Path Finder in Splunk Enterprise Security 12-02-2025
dsofoulis
I would like to have an investigation created with a notable event recorded in there using the API. I've been trying t...
by dsofoulis Path Finder in Splunk Enterprise Security 12-01-2025
Najm
How utilized training unit to take exam voucher because already sent email to certificate@splunk.com but still not ...
by Najm Engager in Splunk Enterprise Security 11-29-2025
nooproblems
On Splunk ES I’m having an issue with the rule “Windows SQL Server xp_cmdshell Config Change” (https://research.splun...
by nooproblems New Member in Splunk Enterprise Security 11-27-2025
jacqu3sy
Hi, What's the correct syntax to use when trying to return results where two fields DO NOT match? Trying the followi...
by jacqu3sy Path Finder in Splunk Enterprise Security 11-26-2025
Dima
Hello, Up until Splunk ES 8.1 Splunk ES has an option to update notable event using following API: https://help.splunk...
by Dima Explorer in Splunk Enterprise Security 11-26-2025
maheshnc
Hello, we have a DMC configured on Splunk Licence Master, I need to enable all the critical resource utilization aler...
by maheshnc Path Finder in Splunk Enterprise Security 11-18-2025
cha_18
I am trying to update a detections config in ES via API with a bash script. All of the below is working and updating t...
by cha_18 Engager in Splunk Enterprise Security 11-10-2025
hl
Hello, Current setup is Palo Alto firewall and using Sc4s (splunk connect for syslog), so far getting all logs fo...
by hl Path Finder in Splunk Enterprise Security 11-08-2025
torgynnurlankul
I'm experiencing a status synchronization issue in Splunk Enterprise Security 8.3.2 where the notable event status di...
by torgynnurlankul New Member in Splunk Enterprise Security 11-05-2025
st1
I'm trying to set up an open-source SOAR tool and need to get the results of a correlation search from Splunk. Using ...
by st1 Path Finder in Splunk Enterprise Security 11-03-2025
lyonheart14
What is best practice when ingesting Defender XDR Incidents and/or Alerts and using them for notables in Splunk ES? ...
by lyonheart14 Loves-to-Learn in Splunk Enterprise Security 10-30-2025