Splunk Enterprise Security

Community Activity
sacumen
How to fetch configured correlation data, Query notable events, including associated correlation rules for an app?
by sacumen Explorer in Splunk Enterprise Security 01-07-2021
0 5
yashaswinig2210
Hi All, @renjith_nair I'm working on a requirement to create a Splunk Alert which triggers/Creates the Incident in Se...
by yashaswinig2210 Engager in Splunk Enterprise Security 01-07-2021
0 1
damode
After accelerating the CIM Validation (S.o.S.) DM and upon checking the pivot for any of the datasets results in an e...
by damode Motivator in Splunk Enterprise Security 01-07-2021
0 3
jgorman_THG
HI! I'm following the following directions to try and set up assets and identities for Splunk Enterprise Security on...
by jgorman_THG Explorer in Splunk Enterprise Security 01-05-2021
0 2
damode
Can anyone please share some best practise or your own preferred method for populating the watchlist field in the ass...
by damode Motivator in Splunk Enterprise Security 01-04-2021
0 0
mpwhite
I registered for the free splunk fundamentals one course. I was unable to complete it before it expired. How do I re-...
by mpwhite New Member in Splunk Enterprise Security 01-04-2021
0 2
splunkcol
I have an index called firewall and sourcetypes of Palo Alto, Checkpoint and Fortinet routers The configuration was ca...
by splunkcol Builder in Splunk Enterprise Security 12-28-2020
0 5
splunkcol
I am using the APP "SA-cim_vladiator" and this message appears indicating that it has found unexpected values In this ...
by splunkcol Builder in Splunk Enterprise Security 12-28-2020
0 1
mikefg
Working on a new ES install. Does the ES search head need the app and add-on for each technology or just the add-on? ...
by mikefg Communicator in Splunk Enterprise Security 12-23-2020
0 6
Fenrir
I have a fairly complex query that ultimately outputs a large table with 23 fields and several dozen rows. Since the ...
by Fenrir Engager in Splunk Enterprise Security 12-23-2020
0 3
sumitp
Hi, I am trying to execute a simple Splunk search from command prompt using CURL. I am using a simple search command li...
by sumitp New Member in Splunk Enterprise Security 12-22-2020
0 1
kanam
I created correlation search and add Notable action as "Adaptive Response Actions". By running search there are some e...
by kanam Loves-to-Learn Everything in Splunk Enterprise Security 12-22-2020
0 1
adnankhan5133
If I decided to create an Investigation in Splunk ES via the Investigation Workbench from the Investigations page ("C...
by adnankhan5133 Communicator in Splunk Enterprise Security 12-22-2020
0 1
Minghao
I use the timechart to analyze the data and I want to normalize the data in the timechart... | timechart span=3d coun...
by Minghao Explorer in Splunk Enterprise Security 12-22-2020
0 4
iherb_0718
Hi splunkers, I run splunk cloud and recently worked with Support to install Splunk Enterprise Security. Within splunk...
by iherb_0718 Path Finder in Splunk Enterprise Security 12-21-2020
0 3
havatz
Hey all When I'm creating a new scheduled search for customer .. there is any option to save the triggered alert to speci...
by havatz Explorer in Splunk Enterprise Security 12-21-2020
0 1
jbburkes
Recently upgraded Splunk Enterprise Security from 6.1.1 to 6.2.0, install went fine, however clicking on Setup gives ...
by jbburkes Engager in Splunk Enterprise Security 12-18-2020
0 5
Tylerdygert
Hello, I am trying to get a lookup CSV file up to my search head from my forwarder. I have created an asset lookup f...
by Tylerdygert Path Finder in Splunk Enterprise Security 12-17-2020
1 3
amandeepsingh
I have customized Navigation menu but it is showing "None" But Dashboard under it is fine... How could I display Coll...
by amandeepsingh Explorer in Splunk Enterprise Security 12-13-2020
0 2
damode
Pivot for Assets and Identities Data model - "Identity_Management" showing zero count. When running search - |tstats co...
by damode Motivator in Splunk Enterprise Security 12-13-2020
0 0
damode
Given these fields (is_expected, should_timesync, requires_av and should_update in asset lookup of ES) don't dynamical...
by damode Motivator in Splunk Enterprise Security 12-13-2020
0 4
jmdelrosario26
Hello, So we have website hosted in Splunk. We are detecting these vulnerabilities Server header Detected, Incorrect X...
by jmdelrosario26 Explorer in Splunk Enterprise Security 12-12-2020
0 4
sinda
Hi, i faced a little issue when i configured " Identities and assets" . After the configuration, the Asset Center and...
by sinda Explorer in Splunk Enterprise Security 12-09-2020
0 1