...EnterpriseSecuritySuite) from etc/shcluster/apps to etc/apps folder Ran theupgrade command – (/opt/splunk/bin/splunkinstallapp ./splunk-enterprise-security_620.spl -update 1) Ran the essinstall command as per theinstall...
Does thePhantomRemoteSearchapp get installed on my Enterprise Security Search Head, a HEC server, or another server all together? Seems there are search, HEC inputs, and index portions yet it's o...
Hi, I would like to know if there is the possibility to automatically trigger a playbook when there is a change in the status of a container (e.g. when it becomes "Closed")? Thank you in advance!