Solved: Create a table that contains 'ALERTS'. User will v...

marvinlee93 · ‎12-09-2018

Hi all,

I would like to create a table that contains 3 scenarios. ( Low, High, Severe)
The table will keep appending fields when these scenarios are met.

I would like to make this table more interactive where a user can click on a particular field to verify the 'ALERT' and the particular field will disappear thereafter. (Something like a checklist that refreshes)

Any idea how to do this?

dkeck · ‎12-09-2018

You might want to have a look at Enterprise Security, sounds like Incedent Review for me.

View solution in original post

dkeck · ‎12-09-2018

You might want to have a look at Enterprise Security, sounds like Incedent Review for me.

martin_mueller · ‎12-11-2018

Or less pricey and whale-sized, Alert Manager: https://splunkbase.splunk.com/app/2665/

Create a table that contains 'ALERTS'. User will verify the alerts, click on the specific event and the particular event will disappear.

Upcoming Webinar: Unmasking Insider Threats with Slunk Enterprise Security’s UEBA

.conf25 technical session recap of Observability for Gen AI: Monitoring LLM ...

A Season of Skills: New Splunk Courses to Light Up Your Learning Journey

Join the Conversation

Create a table that contains 'ALERTS'. User will verify the alerts, click on the specific event and the particular event will disappear.

Upcoming Webinar: Unmasking Insider Threats with Slunk Enterprise Security’s UEBA

.conf25 technical session recap of Observability for Gen AI: Monitoring LLM ...

A Season of Skills: New Splunk Courses to Light Up Your Learning Journey