Splunk Enterprise Security

Community Activity
mana_pk123
I am trying to integrate Group-IB with Splunk, for which I installed the app, entered my API key and username from whic...
by mana_pk123 New Member in Splunk Enterprise Security 11-24-2024
0 3
AliMaher
Hello ES Splunker, I want to know if any applications can be installed to enhance the security posture alongside with...
by AliMaher Path Finder in Splunk Enterprise Security 11-24-2024
0 3
lucilleddajab
Hi, we are using a Splunk Cloud ES and we can't seem to edit the base search macro of the "Alerts" datamodel. The mac...
by lucilleddajab Explorer in Splunk Enterprise Security 11-24-2024
0 3
romanpro
Can anyone help me with the issue I get from time to time on my dashboard built using Splunk Dashboard Studio: for s...
by romanpro Explorer in Splunk Enterprise Security 11-20-2024
1 3
prasanthnakkala
This is in request to add the steps for adding Splunk Enterprise Security to my enterprise account, Thanks. 
by prasanthnakkala New Member in Splunk Enterprise Security 11-13-2024
0 2
aaronjamili
Hi all, I'm trying to figure out a way to edit the alert that is sent to PagerDuty. Currently I have a bunch of alerts ...
by aaronjamili New Member in Splunk Enterprise Security 11-12-2024
0 0
YahiaEissa
So for our graduation project, we've decided to use Splunk SIEM as our base app to build on. However, on further insp...
by YahiaEissa New Member in Splunk Enterprise Security 11-09-2024
0 1
CyberWolf
I have an SPLQ that I'm trying to collect all domains from raw logs, but my regex is capturing only one domain. In a ...
by CyberWolf Path Finder in Splunk Enterprise Security 11-08-2024
0 4
SplunkExplorer
Hi Splunkers, we have a SH with Splunk Enterprise Security installed on it. It is a standalone instance that queries so...
by SplunkExplorer Contributor in Splunk Enterprise Security 10-31-2024
0 1
pradeep577
Hi, can anybody help me to get some use cases for Darktrace? Right now I am looking only for score value.
by pradeep577 Path Finder in Splunk Enterprise Security 10-30-2024
0 4
splunkerarijit
Hello, We have been facing a weird error suddenly, wherein our production Splunk Cloud Enterprise Security Incident Re...
by splunkerarijit New Member in Splunk Enterprise Security 10-30-2024
0 1
akulg
Hi, our company does not yet have Splunk enterprise security, but we are considering getting it. Currently, our secur...
by akulg Engager in Splunk Enterprise Security 10-28-2024
0 1
rvnk
I am a grad student and I recently gave a quiz on Splunk. There was a true/false question. Q: Splunk Alerts can be cre...
by rvnk Engager in Splunk Enterprise Security 10-27-2024
0 1
hofer_emma
Right now I have an issue with duplicate notables. I want to make it so a notable will only re-generate if there have...
by hofer_emma Loves-to-Learn Lots in Splunk Enterprise Security 10-25-2024
0 0
bluewizard
      | stats count | eval _time="1685158808" | eval rule_title="Test notable" | eval security_domain="Network" | e...
by bluewizard Explorer in Splunk Enterprise Security 10-22-2024
0 3
jrballesteros05
Hello everybody. I deployed a Splunk Enterprise Security in a distributed environment for our customer. He also has...
by jrballesteros05 Communicator in Splunk Enterprise Security 10-22-2024
1 9
sajith
I recently upgraded Splunk Enterprise from version 9.1.0.2 to 9.3.1, and I've encountered an issue where the menu bar...
by sajith Loves-to-Learn in Splunk Enterprise Security 10-21-2024
0 5
BGrdickson
Hi guys, I have configured my servicenow integration with splunk and it works fine, we can create notables from any...
by BGrdickson Explorer in Splunk Enterprise Security 10-17-2024
1 9
niks987
Hi All, Hope you all are doing well. I am very new to Splunk Enterprise Security, and I need your help to understand h...
by niks987 Explorer in Splunk Enterprise Security 10-17-2024
0 1
JackieTech
Hi all, I am trying to install Splunk Security Essentials into a single instance of Splunk with a downloaded file of ...
by JackieTech Explorer in Splunk Enterprise Security 10-16-2024
0 14
martaBenedetti
Hi, I'm trying to configure Drill-down Earliest Offset in my Notable from Adaptive Response Action. I'd like to run t...
by martaBenedetti Path Finder in Splunk Enterprise Security 10-14-2024
0 7
oz_dg
Hi everyone, Am having issues with the configuration of the AlienVault OTX feed in Splunk ES and would appreciate any ...
by oz_dg Explorer in Splunk Enterprise Security 10-14-2024
2 7
manikanthkoti
Hi everyone, Can you please help us to make the Secure cookies by doing below things. Setting HTTPOnly Flag to splu...
by manikanthkoti Explorer in Splunk Enterprise Security 10-07-2024
1 1
brownbag
I've seen someone use this traffic search function but can't find it myself: How can I access this traffic search func...
by brownbag Engager in Splunk Enterprise Security 10-03-2024
0 3
mjuestel2
Greetings, I found some useful savedsearches under SA-AccessProtection / DA-ESS-AccessProtection, which I am intereste...
by mjuestel2 Path Finder in Splunk Enterprise Security 10-02-2024
0 0