Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
52 results
Sorted by:
07-05-2020
01:54 PM
Hi, Why splunk correlation searches not running on SplunkEnterpriseSecurity App ? but correlation search run another app for example search and reporting app ES versiyon 6.2.0 Splunk Version 8...
- Tags:
- correlation searches
Labels
- Labels:
-
configuration
-
correlation search
3 weeks ago
Reg. Correlation searches. Do they have to be configured in Splunk Ent. & ES? Could they be only on one of these 2 ? And reused in the whole environment? If can be on one side? How do I benefit a...
Labels
- Labels:
-
other
08-23-2013
10:52 AM
...irstTime | `hoursago(24)` | stats dc(dest) as dest_count by transport,dest_port | search dest_count>10
In the correlation search properties (Configure->Correlation Searches->Edit Correlation...
01-02-2019
03:37 AM
We have defined more than 20 correlation searches but the correlation_searches_lister (Configure > Correlation Searches) shows only the first 20. There is no possibility to navigate to the next 2...
09-20-2020
02:30 PM
1 Karma
Hello friends, We have Splunk ES and we stored our data in different indexes (OS logs, Network logs, ...) I have a question about correlation searches. Some correlation searches didn't use Data M...
- Tags:
- correlation search
- es
Labels
08-27-2013
07:56 AM
When you create or edit a correlation search, you can configure the Time range, Cron schedule, and Throttling. I have several correlation searches configured like this:
Time range: Start: -1...
05-20-2014
10:02 AM
...? Because when it's a correlation search, it would turn into a notable event for incident handling, which is what I'm trying to do with my alerts. But, I'm not sure how to configure the correlation search...
- Tags:
- alerts
- correlation
12-01-2015
04:32 AM
Hi all,
On a similar note to this question, I would also like to know the complete list of pre-configured correlation searches available in ES 4.0
We don't have ES installed and therefore I c...
04-24-2019
02:09 PM
Is there a way to be able to configure Maintenance Windows for Services to include all Episodes without adding each service to “Association” in the correlation search? The problem with doing that i...
12-16-2016
10:49 AM
In Splunk Enterprise Security (ES), we cannot save a correlation search as a user with ess_admin. This works if user is admin.
The navigation is: ES/Configure/Content Management/Create new C...
