Hello,
I am receiving the following warning on my alerts:
Health Check: Detected deprecated Threat IntelligenceManager inputs that are not supported by Enterprise Security version 6.4...
...etting it to use Report Acceleration, I went to Manager and do not see "Report Acceleration" as an option. The upgrade went without error and this is the first problem like this that I've seen. Is t...
I have been asked to come up with a dashboard for my management team. I am trying to pull it from some Nagios performance stats. The data has an icmp poll against every network device on the n...
...ith respect to each reporting region. Currently, I am using the below eval in my reports:
| eval _time=case(host="Server-1", _time + (60 * 60), host="Server-2", _time + (210 * 60),host="Server-3", _...
I currently have the Web Intelligence application set up to parse and generate reports off of my Apache logs. Works great, and the reports are very useful.
However, I'm attempting to add some I...
I have a Population extract of all employees but want to create a report or only extract the ones that were hired in a certain month e.g. getting a report of all employees hired during the month of M...
Distributed Management Console Reporting incorrect amount of CPU cores for indexers
This is seen in both Splunk 6.2.6 and Splunk 6.3.0
Environment 1
Virtual Search Head has 12 CPU cores a...
In 4.3 SPLUNK we had a niche drop-down menu with our saved searches properly grouped.
Therefore we would define collections in default.xml like:
<collection label="Searches & Reports...
Hi, I have looked at Threat match "src" under Threat Intelligence Manager. In the configuration the datamodel DNS Resolution is enabled and the match field is DNS.query. However, in the g...
I have a problem, I recently started using the Splunk Threat Intelligence Management (TRU STAR) platform, which is our IOC management tool that contains different sources of intelligence.
The tool h...