A user is unable to access investigations inEnterpriseSecurity (version ES 7.1.1) on Splunk Cloud (Splunk 9.0.2) . When clicking on investigations from the main menu the message "You do not have permissions...
...internal" sourcetype=*content_management* But i am not getting any useful data with this query. Please kindly help me where all logs stored for content management(use cases) inEnterprisesecurity...
Configuration:
We have configured a lookup table under 'ESS Identity management' to maintain the list of users. The user list is updated daily using a scheduled search. And the 'priority' of the u...
Hi,
I have an issue at a customer where ES is not showing the notables on the incident management page or the security posture page. I have confirmed that the custom correlation searches are e...
Hi All,
We want to enable ssl in our aws splunkEnterprise cluster on management port 8089 with own certs(provided by my company) I followed all the required steps from various documents and e...
I'm attempting to create a new correlation search inSplunkEnterpriseSecurity (4.1). I've created a blank app to house all the custom searches, but when I pick the app from the "Application C...
We just recently upgraded to the latest version of ES 4.7.2 from 4.5.2 However after upgrading the page content management doesn't yield any results (see screenshot).
It stays in the "Retrieving s...
...ment, but for both SH cluster members, this screen is blank. SplunkEnterprise version is 6.5.0. Earlier, with ES 4.1.2, we were able to load the correlations on both members.
Is this by d...
...hreatIntelligence/correlation_searches/get_searches' was not found.' with 'Page not found!' for security reasons"
This happens when I want to open the "Content Management" Page in the SecurityEnterpriseSecurity...