Hi, Interested in knowing if federated search results from Splunk Cloud could be stored in a summary index located in an On-Premise Enterprise instance / cluster?
The thought is this c...
I need some help in migrating my on-premise Splunk instance (cluster Search heads, Indexers, and Enterprise Security) to AWS cloud and run Hybrid Search with ES Search Head.
My concern is how I c...
I have a Splunk alert where I specify the fields using "| fields ErrorType host UserAgent Country IP_Addr" and I want to receive this column order in SOAR platform. When I look at the JSON results a...
Per the Splunk Cloud documentation, it is possible to have a Hybrid Search model where an on-premise Search Head essentially connects to the Master Node in the Cloud, which then allows the Cloud I...
...tc.) isn't being indexed and doesn't appear in search in Splunk. I tried reindexing the data through SOAR but it didn't work. Adding audit input in the app is working fine, but data isn't being i...
Hi,
I have a simple AWS environment, and want to create an EC2 instance with the Splunk SOAR (On-premises) AMI from the Amazon Marketplace running on it.
I am following these i...
Hello, I am attempting to add an External Splunk Enterprise Instance to SOAR and receive the following error when I click "Test connection": I am running Splunk Enterprise On-Prem v8.2...
Hello, I'm just having a bit of difficulty differentiating between Splunk Enterprise, ITSI, SOAR, UBA, and Enterprise Security. It seems like they all do similar things. Do they a...
Splunk SOAR (On-premises) installs with a default license, the Community License. The Community License is limited to: 100 licensed actions per day; 1 tenant; 5 cases in the New or Open s...