...: Monitor a web server Monitor an application server Monitor security incidents The examples are really simple, and the resulting dashboard created in the tutorial is a poor example of something y...
...EnterpriseSecuritySuite) from etc/shcluster/apps to etc/apps folder Ran the upgrade command – (/opt/splunk/bin/splunk install app ./splunk-enterprise-security_620.spl -update 1) Ran the essinstall command as per the in...
...rem Splunk Enterprise (no Splunk Cloud SaaS). Currently, only one SH Clustered indexers Task: Install and configure a SH with Splunk Enterprise Security. Assumption: I know the full in...
I want to set up an organized system of permissions so we can give the right access to the right data and the right Splunk features to the right analysts in my organization. Can I get a sketch of h...
...ata and AD data. Do I utilize a deployed app to my forwarders that will "automagically" ingest the data I am looking for, or create an inputs.conf file to monitor the events I am looking for? S...
Hi, I'm trying to upload a simple list of malicious filenames into ES Threat Intel. I have a csv file which I formatted with the header file_name and some examples: 123.exe 123.py I get the m...
In the Incident Review panel, we select a Notable Event, click on Edit Selected and a form pops up.
I chose the first dropdown, selected "ACKIN" and clicked on Save and was returned:
Unable to c...
It's been a while since we implemented Splunk Enterprise, and user engagement has stalled a bit. We also have a lot of people who are new to Splunk. Do you have any recommendations for how we can e...
Hello,
Our security team has had a need of an asset management tool to keep track of our hardware and software inventory with respect to our security processes and security controls. Our s...
...lick “Enable”. Am I eligible to use Splunk Mission Control? Currently, Mission Control is available for customers who own Enterprise Security (ES) in the Cloud and is deployed in the f...