I want to list all the 'Authentication' related content we have created in the ES App. Is there any SPL query to get this. Need to list all the dashboards, Notable Events etc... of Authentication t...
I want to set up an organized system of permissions so we can give the right access to the right dataand the right Splunk features to the right analysts in my organization. Can I get a sketch of h...
Does it make sense to turn datamodel acceleration on for the Incident Management datamodel (default summary range is "None")? Of concern in this case is the Expired Entity Activity search inSplunk...
Hi,
Is there a way or any direct link form where i can download all the sessions of Splunk 2016 which is available at the below link?
https://conf.splunk.com/sessions/2016-sessions.html
I k...
...: Monitor a web server Monitor an application server Monitor securityincidents The examples are really simple, and the resulting dashboard created in the tutorial is a poor example of something y...
...and AD data. Do I utilize a deployed app to my forwarders that will "automagically" ingest the data I am looking for or create an inputs.conf file to monitor the events I am looking for. S...
It's been a while since we implemented SplunkEnterprise, and user engagement has stalled a bit. We also have a lot of people who are new to Splunk. Do you have any recommendations for how we can e...
Hi, I'm trying to upload a simple list of malicious filenames into ES Threat Intel. I have a csv file which I formatted with the header file_name and some examples: 123.exe 123.py I get the m...