I am wondering if there is a way to have the urgency of the events just to be how you have it setin the AdaptiveResponseActions?
I don't want Incident Review to make it for me. I want to be a...
We have created a large amount of custom Adaptiveresponseactions that primarily consist of actions that fetch information from the internet using API calls.
All the apps were created using the l...
Is there any way to get a developer license of Splunk IT Service Intelligence (ITSI) and/or SplunkEnterpriseSecurity (ES)?
I would love to adapt my apps to fit into ITSI/ES and add adaptiveresponse...
I know that it is possible to embed an AdaptiveResponse hyperlink into the next steps section of SplunkEnterpriseSecurity (ES), however I'm wondering if you can embed plain old hyperlinks to o...
We utilize adaptiveresponse rules quite a bit within Splunk and have had quite a bit of success manually running them after the notable event is created.
Recently we have had a few use cases w...
Phantom version 4.1.94
Splunk version 6.6.5
Splunk Phantom App 2.5.23
ES version 4.7.1
When go to Splunk ES Notables, there also not able to see "Send to Phantom" actionin "Run AdaptiveResponse...
I want to setup an organized system of permissions so we can give the right access to the right data and the right Splunk features to the right analysts in my organization. Can I get a sketch of h...
I'm trying to run a Python script as part of an AdaptiveResponseAction. InSplunk ES, I go to EnterpriseSecurity > Configure > Content > Content Management > Correlation Search ....