Splunk Enterprise Security

Community Activity
SamHTexas
I am looking for a great Alert manager Add-on for ES. To ingest MS Azure AD Alerts data into ES. There are 2 of them ...
by SamHTexas Builder in Splunk Enterprise Security 12-21-2021
SIEMStudent
Hi Splunkers, we have a behavior that we are not able to understand. The problem is the following: we are performing s...
by SIEMStudent Path Finder in Splunk Enterprise Security 12-21-2021
Pablo00
Hello, During that crazy log4j times I would like to ask you for advice. I am new in Splunk/security but I manage to cr...
by Pablo00 Explorer in Splunk Enterprise Security 12-20-2021
joomla
Hi Community Members, Anyone knows whether we can use Splunk Enterprise Security to map our correlation searches again...
by joomla Engager in Splunk Enterprise Security 12-20-2021
securiteinforma
Hello, In order to make syslog communication through TLS work, I followed this procedure (https://docs.splunk.com/Doc...
by securiteinforma Explorer in Splunk Enterprise Security 12-16-2021
davecroto
I am following the docs and when it asks for logging level it only allows you to choose 1 level. What if I wanted m...
by davecroto Splunk Employee in Splunk Enterprise Security 12-09-2021
Stefanie
At my current position, I took over for someone who didn't take care of Splunk & Enterprise Security. It looked as if ...
by Stefanie Builder in Splunk Enterprise Security 12-09-2021
N92
After installing microsoft windows add on I could not see applicable tags for network resolution data model with resp...
by N92 Path Finder in Splunk Enterprise Security 12-08-2021
gayeguven
We downloaded the Enterprise Security app from the address you specified. When we want to upload this to the Splunk e...
by gayeguven New Member in Splunk Enterprise Security 12-07-2021
rafiki
Hi folks, A user in my company discovered that the pre-built list of Correlation-Searches in the filter on the Inciden...
by rafiki Explorer in Splunk Enterprise Security 12-03-2021
pavanbmishra
Hi SMEs, I am trying to write regex to parse/map CEF format fields as below. so that all corresponding fieldname can ...
by pavanbmishra Path Finder in Splunk Enterprise Security 12-01-2021
erikhansen29
Hi All. Hopefully somebody has an answer to this. We are on v8.1.6 and in doing some security cleanup, I was removing ...
by erikhansen29 New Member in Splunk Enterprise Security 11-30-2021
SIEMStudent
Hi Splunkers, I'm in trouble with a correlation rule creation. The purpose of the rule is the following one: if a User...
by SIEMStudent Path Finder in Splunk Enterprise Security 11-30-2021
soumyasaha25
I have disabled a few of the Correlation searches and would like to delete them from the "Top Notable Events" panel i...
by soumyasaha25 Contributor in Splunk Enterprise Security 11-29-2021
comantxe
Hello, I just configured a new Custom Threat Intelligence feed in Splunk Enterprise Security and I'm getting a strange...
by comantxe New Member in Splunk Enterprise Security 11-24-2021
SamHTexas
Please help me with learning what dependencies does Splunk Security Essentials App (SSE) have on ES & ES content updat...
by SamHTexas Builder in Splunk Enterprise Security 11-24-2021
Stefanie
Hey! We upgraded to Splunk Enterprise Security to the latest version a few weeks ago. Before, it was on Version 4.x I b...
by Stefanie Builder in Splunk Enterprise Security 11-23-2021
Prachi_Kothari
Hello, Hope you are doing well! I have updated existing correlation alert in Splunk as notable event which previously...
by Prachi_Kothari Engager in Splunk Enterprise Security 11-22-2021
cybersej
Hi Everyone, I set splunk (on windows) lab environment because try something threat activity. I need to take powershell ...
by cybersej Observer in Splunk Enterprise Security 11-22-2021
jacqu3sy
Hi, Within Splunk Enterprise Security, when the urgency of a notable event is calculated, the priority of the identi...
by jacqu3sy Path Finder in Splunk Enterprise Security 11-16-2021
damode
Does ES also come with SSE app features like Analytics Advisor, Content Recommendations, Data inventory, CIM complia...
by damode Motivator in Splunk Enterprise Security 11-15-2021
pchintha
Hi, I am having some logs comes with XML format for Privileged Access Manager, I need to extract the fields by default...
by pchintha Engager in Splunk Enterprise Security 11-14-2021
HA-01
I tried to get data using Google Workspace Add-on, but the following error occurs. Could you please tell me how to re...
by HA-01 Splunk Employee in Splunk Enterprise Security 11-14-2021
SIEMStudent
Hi everybody. Currently, we have a task which involves QRadar correlation rules translation to Splunk ones. The Splunk r...
by SIEMStudent Path Finder in Splunk Enterprise Security 11-12-2021
NightShark
I have a problem where an admin role user cannot see another analyst user to assign specific notable events to. Howev...
by NightShark Path Finder in Splunk Enterprise Security 11-12-2021