...ddresses. Is there a way to change this default for all Splunk REST API endpoints? I'd like to more tightly control access to these APIs, and defaulting open requires more effort to lock down and makes it m...
...EC-specific structure required by the HEC JSON endpoint (services/collector). I understand the HEC-specific structure and the changes that I need to make. However, before I do that, I thought I'd ask: w...
...OT EDIT THIS FILE!
# Please make all changes to files in $SPLUNK_HOME/etc/apps/Splunk_TA_windows/local.
# To make changes, copy the section/stanza you want to change from $SPLUNK_HOME/etc/apps/S...
Looking for assistance with creating an email alert when an endpoint changes in logs.
We want to avoid multiple emails going out every 15 minutes and only send the email alert when the switch h...
...he app directory. I do however see other conf files, including "transforms" and "props".
B. Do I need an inputs.conf in the app directory, if so how/where should I start. What edits changes need to b...
...nterest)
My doubt is, what datamodel should I use? I'm between Endpoint and Change. But Endpoint does not have a user field; I don't understand why. What would be the right approach?
For f...
...ction in Python, else display a message saying the REST API endpoint is not present. So now we wanted to know in which conf to define the parameter, what changes to make in the Python file, and which python f...
Hello,
I would like to see the events associated with this source "Change - Abnormally High Number of Endpoint Changes by User - Rule". How can I view them?
When I click on "Visualize Event" n...
Hi,
I already checked the API Endpoint list if my request is covered. But cannot find it.
I'd like to change the data input path for my deployment apps via the API from my deployment server....
Urgent Issue
We have a clustered environment and it seems that some changes were recently deployed but that deleted some of the changes previously made from UI in the ES app(ES clustered search h...