...hough the splunk correlation searches run as required, we have noticed that there are no events in the index itsi_tracked_alerts created even though the alert conditions are met. inITSI H...
I have a "normal" dashboard created that pulls together some ITSIdata for my end users. In the table of the dashboard, I want to make it so the drill-down link will direct users to the ITSI E...
Hi All, I have ingested some sample logs inITSI from windows, oracledb, aws, netapp devices, but the dashboards are not getting populated inITSI. Can can anyone who knows ITSI suggest or g...
Hello,
I have a issue with getting the Windows log events inside the dashboard using the EventID 'Windows Event Logs Analysis' app.
Inside the app's 'Search' tab the data seems to be gathered b...
...avascript so I simply viewed the page source and copied and pasted the HTML from the search page into a new html page within our app and then was able to tweak the HTML to add the CSS and Javascript f...
So far, this is one of the only ways i've figured out how to change the onclick of the trellis single value view so that the entire block is clickable (like inITSI) on the dashboard, i create a s...
I have a correlation search creating notable events.
In the index=itsi_tracked_alerts, I see one event for a given event_id.
But on the Episode review, I see the event being member of several E...
Hello Team,
I have a parent dashboard where I have 5 panels. These are linked to one child dashboard based on the token passing filter the data changes. However I notice that for one panel there i...
Hello, I'm just having a bit of difficulty differentiating between Splunk Enterprise, ITSI, SOAR, UBA, and Enterprise Security. It seems like they all do similar things. Do they a...