Hello, I would like to know the aim of this default constraint : (`cim_Authentication_indexes`) tag=authentication NOT (action=success user=*$) action="success" Especially what d...
Hello I have great difficulties to understand where to begin for using theCIMdatamodel Is anybody can clearly summarize the different ways to apply a CIMdatamodel in my own apps? Thanks in advance
Hi,
In our application we have data in a specific format. We are converting this datatoCIM model (say IntrusionDetection, Malware etc) and then uploading to Splunk.
Now once its get uploaded I...
...ACCELERATE_ I accessed theData Models page and expanded theCIMValidation (S.o.S) data model. The information I got is: "Access Count: 0 - Last Access: -) while size is 750MB and frequently updated. My q...
...ocs.splunk.com/Documentation/CIM/5.2.0/User/Endpoint) there is a table with 5 columns Dataset Name/Field name/Data type/Description/Abbreviated list of example values/, but there is no guidance of what data...
Hello,
I have a question about modification of data model in CIM:
I would like to add one child dataset to DM "Change". Can I do it by separate application?
What I mean exactly: If I create a m...
Not sure what Total fields, Issue fields, CIM Compliance (all DM fields) and CIM Compliance (recommended fields) mean in the app. Following the associated searches is a bit rough.
...nsure that we have data, otherwise later playbook actions won't complete. Would we use a decision here - like "If result != []: continue, else: exit playbook" Here's is loosely what I want to d...
...ations are complete. Right now, we need tovalidate if data is same in both deployments e.g. Deployment A (old) and B (new) for all data sources.
I need guidance in the right steps and validations to...