Hello, I'm just having a bit of difficulty differentiating between Splunk Enterprise, ITSI, SOAR, UBA, and Enterprise Security. It seems like they all do similar things. Do they a...
I inherited a Splunk mesh of search-heads, deployment server, index cluster, etc. I am trying to figure out all this Splunk stuff, but ran into an issue that I am not sure if it ignores best p...
Is there a document that simply and concisely compares the features of Splunk User Behavior Analytics (SplunkUBA) and Splunk Enterprise Security? I cannot find anything like that except for l...
I use SplunkUBA 5.3.0. When I try to add a data source with Splunk direct, raw events, it gives the error "There was an error processing your request. It has been logged (ID ...)". How to fix it? Splunk...
Hi, let me first state that I am very new to Splunk. How can I do the following please? I would like to add a column called Department to my table. The department value is not part of the event data...
...subset of data for each sourcetype and send them to a UEBA solution. Due to some issues, we worked with ODS and now we achieved our purpose. All data continue to be sent to Splunk Cloud and a subset o...
....0.3.5, marketing
pim, staff, nohost.com, 4.0.4.8, hr
lookup2.csv has the data as below
cidr, location
1.2.3.0/24, dc
1.0.3.0/24, carolina
3.4.7.0/24, tx
I would like to lookup for the field i...
Hi Splunk Gurus,
Hoping someone out there might be able to provide some assistance with this one.
I have a requirement to be able to display a count of sales per hr for the last 24 hrs (with f...
Hi,
I created a vulnerability dashboard that looks like this:
VulnerabilityId, Host, Service
123, HostA, Mail
234, HostA, Mail
345, HostB, Mail
123, HostC, HR
234, HostC, HR
Now I...