Hi Splunkers;
Before was Asset Center andIdentity Center dashboards takes results from assets.csv andidentities.csv this is good, Now after update assets.csv andidentities.csv the results a...
Hi all, I'm struggling with problem that I can't find any error logs in AssetandIdentity Management dashboard in Splunk Enterprise Security. It shows NOT FOUND and I see the error message b...
Hey Splunkers,
Our securty team really likes the IdentityInvestigatordashboard. Only things is -- it would be GREAT to add a few more swimlanes of custom sourcetypes (for example, our DNS, P...
Hi, i faced a little issue when i configured " Identities andassets" . After the configuration, the Asset Center andIdentity Center dashboard in ES do not work. knowing that : The&n...
...ble to investigate artifacts from ES > Incident Review > Selecting the Incident > Action Menu > Investigate Asset Artifacts
but for the life of me, I can't seem to launch SA-Investigator...
...ultiple Invalid Stanzas and Output attached) Planning to replace all conf files from backup apps directories to the upgraded apps directories as we have noticed there is a change in the conf files. Not s...
Is there a way to update the default collection or create a custom collection of swimlanes for the investigatordashboards for Splunk for Enterprise Security?
For example, AssetInvestigator has t...
It is possible to clone dashboards from the Enterprise Security app into a private custom app so that I can make modifications to it for the users in my environment? I tried cloning the IdentityInvestigator...
How can I ingest firewall ,waf ,ssandbox ,email gateway, endpoints logs to Splunk ES datamodels?
I am trying to work on Splunk ES dashboards with the below details:
WAF Issues
Firewall I...