...hort to medium term.
What I would like to do is have the risk scores for a notableevent logged inincidentreview as one of the columns.
Is this possible?
We're running SplunkEnterpriseSecurity...
I have a couple searches that trigger inIncidentReview and I want to group them up by count. And than let the drill down show me the detailed information of each event. Does anyone know how to g...
Hi
Is it possible to clone/duplicate IncidentReviewin the SplunkEnterpriseSecurity app? I would like to create 2 IncidentReview dashboards and segregate the notableevents based on the c...