...rom datamodel:"Change_Analysis"."Auditing_Changes"
| where ('action'="cleared" OR 'action'="stopped" )
| stats max(_time) as "lastTime",latest(_raw) as "orig_raw",count by "dest","result"
| r...
...uthentication.conf/[saml]/sslKeysfilePassword: deprecated; use 'sslPassword' instead
We modified as instructed, but every time we had to make a change in the GUI, it changed the suggested parameters back to the deprec...
As stated in the title, I'm looking for someone tell the differences between the field user and src_user in the CIM Model ChangeAnalysis (All_Change.Account_Management). The definitions in Splunk d...
...hen I developed the search and added it to triggered events, I chose the severity as High. But, when the event is triggered on Incident Review, it shows severity as low. On the Risk Analysis dashboard, i...
I'm seeing the error below under messages in my Splunk enterprise console:
Missing or malformed messages.conf stanza for TCPOUT:FORWARDING_BLOCKED_Indexer IP ADDress_default-autolb-group DC-Host N...
After upgrading to Splunk Enterprise 9.0 I do get the following message from several Dashboard.
This dashboard view is deprecated and will be removed in future versions of Splunk software. Open t...
Hello, After updating SES to version 6.4.0, the menu Configure > Data Enrichment > Threat intelligence Management shows an empty content page with an error "Not found" /app/Splunk...
...schange] stanza on ours to get mofications (with time information and details about the change Add/Delete/Edit). But i also saw that is was deprecated. Is it still a good thing to use in order to m...