Hi all,
I would like to create a table that contains 3 scenarios (Low, High, Severe).
The table will keep appending fields when these scenarios are met.
I would like to make this table more interactive where a user can click on a particular field to verify the 'ALERT' and the particular field will disappear thereafter. (Something like a checklist that refreshes)
Any idea how to do this?
You might want to have a look at Enterprise Security; this sounds like Incident Review to me.
Or less pricey and whale-sized, Alert Manager: https://splunkbase.splunk.com/app/2665/