Splunk Enterprise

ES Search Head Clustering and add Threat Intelligence

saraomd93
Explorer

Hello to all my dear friends
We have SH-Cluster with 5 Search head and Enterprise Security(ES). When I want to add a new Threat List as a URL, I have to go to this address: ES APP\Configure\Data Enrichment\Threat Intelligence Management
But what happens after clicking on this page, the message Oops is displayed, can anyone help? Is the Input.local method the right method?

Special Thank to Splunk

 

Labels (1)
0 Karma

saraomd93
Explorer

چرا جواب منو نمیدید؟

0 Karma
Get Updates on the Splunk Community!

Buttercup Games: Further Dashboarding Techniques

Hello! We are excited to kick off a new series of blogs from SplunkTrust member ITWhisperer, who demonstrates ...

Message Parsing in SOCK

Introduction This blog post is part of an ongoing series on SOCK enablement. In this blog post, I will write ...

Exploring the OpenTelemetry Collector’s Kubernetes annotation-based discovery

We’ve already explored a few topics around observability in a Kubernetes environment -- Common Failures in a ...