...resh SplunkEnterprise in WSL (in my case Ubuntu 22) I got a successful install and can do anything normally. After that, I try to install EnterpriseSecurity again. And now I got a successful notification w...
I have installed the latest Splunk with Splunkenterprisesecurity on it. I have worked with enterprisesecurity before, and there were some filters available to filter incidents, now in this v...
...erver.
Let's assume I'm ingesting 300GB/day in Splunk and I have 5 administrative users using the search head, then the highlighted below is good to follow.
If I am adding Enterprisesecurity...
Greetings!!! How to upgrade from 5.3.0 to SplunkEnterpriseSecurity version 7.0, I am having splunkenterprise 7.2.6, Kindly advise & guide me how can I u...
...assing the fields like $this$ in some other pre-configured correlation searches in EnterpriseSecurity, but in my own correlation search it does not work for some reason: Can s...
Hello, I'm just having a bit of difficulty differentiating between SplunkEnterprise, ITSI, SOAR, UBA, and EnterpriseSecurity. It seems like they all do similar things. Do they a...
Hello,
I am wondering if on a dedicated Search Head with SplunkEnterpriseSecurity it is better or not to enable Hyper-threading.
Our server is a blade with a dedicated VM with 2x20 p...
Hi folks, the scenario is like below - have Enterprisesecurity (ESS) in Splunk cloud + ESCU (content updates) as part of it - if we enable an ESCU detection it works all good. - we need to m...