I am trying tosenddata from Splunk ES toPhantom
Version is 7.2.6
After downloading Phantomapp from Splunk, within that App, in the forwarding option there are 2 selections:
Under event f...
Using SplunkPhantomm app and trying toexport saved datamodel filds that are INHERITED parsed and can be forwared
but EXTRACTED field can not be parsed and sendtophantom. EX
"_time",host,s...
...ame_10
5/22/2020, 2:00:52 PM.
The blocked host name belongs toa domain controller where I just deployed a UF. I'm not receiving any data from this forwarder.
This is harder than I a...