Can any one help me in generating a lookup to dynamically add the Active Directory to the SplunkEnterpriseSecurity - Assets andIdentity list? Had worked out for the the Identity part, but it w...
Hello,
We have issues to merge our dhcp_asset_list (made of dns record, mac and ip address) into the Asset & Identity Management subsystem.
I realize that there is a condition into a m...
As I was going through the AssetandIdentity Management manual, I couldn't see anything related to how to enrich the two lookup files assets_by_cidr.csv andassets_by_str.csv. F...
...I know one way, with scripted input, is to create a script that reads logs and parallel add any value to the result.
Do we have another more elegant way of doing this? I searched but I c...
Hello,
Our security team has had a need of a asset management tool to keep track of our hardware and software inventory with respect to our security processes andsecurity controls. Our s...
I'm using EnterpriseSecurityand am getting the following:
Using SA-IdentityManagement
Populating identities using ldapsearch to lookup within scheduled search.. lookup then populates using Identity...
...correlation for fields that might be present in an event set returned by a search. The AssetandIdentity framework relies on lookupsand configurations managed by the EnterpriseSecurity a...