...internal" sourcetype=*content_management* But i am not getting any useful data with this query. Please kindly help me where all logs stored for content management(use cases) inEnterprisesecurity...
Configuration:
We have configured a lookup table under 'ESS Identity management' to maintain the list of users. The user list is updated daily using a scheduled search. And the 'priority' of the u...
Hi,
I have an issue at a customer where ES is not showing the notables on the incident management page or the security posture page. I have confirmed that the custom correlation searches are e...
Hi All,
We want to enable ssl in our aws splunkEnterprise cluster on management port 8089 with own certs(provided by my company) I followed all the required steps from various documents and e...
...resent on the Credential Manager page).
From the docs (LINK) there appears to be no way to specify the realm, hence no way to delete the user.
Is there something undocumented that I'm m...
I'm attempting to create a new correlation search inSplunkEnterpriseSecurity (4.1). I've created a blank app to house all the custom searches, but when I pick the app from the "Application C...
We just recently upgraded to the latest version of ES 4.7.2 from 4.5.2 However after upgrading the page content management doesn't yield any results (see screenshot).
It stays in the "Retrieving s...
...ment, but for both SH cluster members, this screen is blank. SplunkEnterprise version is 6.5.0. Earlier, with ES 4.1.2, we were able to load the correlations on both members.
Is this by d...