>>> Giving users the default ability to email alerts or reports to any destination is a massive Data Loss Protection issue. Precisely @dural_yyz . Giving the easy and quick installation methods, p...
See more...
>>> Giving users the default ability to email alerts or reports to any destination is a massive Data Loss Protection issue. Precisely @dural_yyz . Giving the easy and quick installation methods, proving direct options to upload a log file, assigning default indexes options are too good. The first timers will really like these features. But, for the "email" functionality with the "default settings" such as "send anything anywhere"... looks bit odd. It should be like, by default, you can not send anything to any domain. The informational note should say that, if you like to send email alerts to outside domain, pls request the Splunk Admins/power users to update the config file abcd.conf thru x y z methods. Thanks for reading, have a great day