Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
613 results
Sorted by:
04-14-2022
01:07 AM
I have Power-user access only.
I have a Splunk query and I enabled an alert as a Notable Event. And I also received the notable events in ES --> Incident Review.
But I am not getting the S...
Labels
04-09-2021
02:25 PM
Hello everyone. I am trying to deploy ESS, but I having some trouble with the notable events. I can not see results at the Incident Review dashboard and this is because the notable event index is e...
Labels
- Labels:
-
field extraction
06-11-2021
12:33 AM
Hello Everyone, I'm trying to use Splunk ES feature for AWS cloudtrail data. I'm using default main index for cloudtrail events. I created one correlation search and added trigger action as notable o...
Labels
09-13-2021
04:12 AM
...lerts as notable events in Splunk ES. Facts: 1. I have created a Splunk Correlation search in Content Management "Suricata Medium Severity Alert" which has a custom search: index=suricata s...
- Tags:
- notable
Labels
02-09-2017
11:22 AM
1 Karma
I am trying to assign custom tags to notable events so that they can be triaged by certain analysts, i.e., tier 1. I have a cron scheduled search created and it is set to create notable events; t...
08-27-2020
07:36 AM
...he old low severity notable events changed to High automatically. (this search is on data model so dose not have any eval urgency in search). How to avoid changing old notable event severity&n...
11-03-2017
06:04 AM
2 Karma
Hi All,
I've just got Enterprise Security configured and im now trying to reduce the amount of false alarms created. Im seeing a lot of low/medium urgency network notable events that I would c...
04-18-2018
06:37 AM
...0m events per day I'm sure it's not true that there hasn't been at least 1 notable event.
where do I check to see why these events are not being generated?
11-25-2020
12:30 PM
I have created a workflow action to send a Notable Event to ServiceNow to create an incident. I am unable to figure out how to resolve nested tokens. For example, if the rule title for the c...
Labels
- Labels:
-
notable event
11-01-2021
08:37 AM
1 Karma
...re showing up. 2) Is there a way to customize which addn. fields to show for which Notable event /Co-relaion search ?
- Tags:
- Additional fields
Labels
