Hi, According to the Splunk Docs page How urgency is assigned to notable events in Splunk Enterprise Security if I assign an asset Medium priority and High severity in the r...
Hi
The notable event for a user lockout correlation search is showing urgency as "Unknown", I tried changing it to Medium, but that is even showing as "Unknown".
Correlation search u...
Hi all,
Just upgraded Enterprise Security 3.0.1 to 4.0.1, all went well with the exception of one outstanding item. The Notable Events by Urgency dashboard listed under Security Posture remains u...
Is it possible to automate assignment of notable events to groups?
For example, if a new notable event is triggered, is there a way to automatically assign it to a created group like to the L1 team?
Dear All,
We have to include the urgency of the event in the Splunk App for Enterprise Security notable events. Could anybody help me out which variable I need to add in the subject line?
$a...
Hello all,
I am trying to create a Python script that pulls down information from a notable event in Enterprise Security. Then, passes that information (IP addresses, MD5s, and files) to third p...
I have an alert set up in my Splunk Enterprise Security environment that is set to trigger when we receive a notable that is marked as either high or critical urgency. This search has worked in the p...