Hello,
I'm currently running theSplunkAppforAWS and am receiving thedata without a problem into its own index in our Splunk environment. I've configured Splunk ES CIM datamodels to look at o...
I haven't been able to find an answer to this in the documentation. Can you add datamodels to theSplunk Common Information Model (CIM) app? Or do you always have to use one of the default datamodels?
...ield. I went into thedatamodel of Threat_ Intelligence and searched forthe action field using add attribute and saw some fields from my firewall sourcetype, but not status. I added status m...
hi,
I am not getting data of AWS in SplunkforAWSapp. Mentioned configuration done.
Also splunk_role created with mentioned Policies& attached to splunk instance. Also tried with new splunk...
Hi There,
I am working on an app and would like my data to be visible in theSplunk Enterprise Security dashboards.
I believe I have successfully mapped my data to the relevant CIM datamodel....
...hen we install this app we will get Web datamodel.Because i already have CIM so I have cloned this datamodel and named it "Web Analytics" . I can see thedata as it is properly tagged (tag=web), t...
Hello,
I was wondering if there is an enhancement request from Splunk to define a datamodel specifically for Cloud service providers?
There are some TAs forAWS, Azure, and Google out on thesplunk...
...apps below then restarted Splunk and still issue remains.
aaam-devops-data
aaam-devops-ui-new
aiam-itsm-ticketanalysis-ui-common-new
Lastly is we asked, AWS team to reboot the box but t...