Hi, in my company they recently migrated to Splunk (Enterprise Security) from QRadar, so the installation part is done, rule creation is done
and Vulnerability center, asset data feed, user data feed, t...
Hi,
I am wondering if it is possible to have my adaptive response actions append fields to the notable which triggered them. I am in a situation where my adaptive response action returns a link, a...
...or more information, see Setup an Adaptive Response relay in the Administer Splunk Enterprise Security Manual. https://docs.splunk.com/Documentation/SplunkCloud/8.1.2101/Service/SplunkCloudservice&n...
Hey all,
Looking for any better documentation/steps on integrating Splunk Stream app with Enterprise Security.
Running Stream v. 7.1.1
Running Enterprise Security v. 4.7
OS/Environment: A...
Hi.
It seems like the alert_actions defines in splunk_ta_snow misses param._cam parms, so they don't show up as adaptive responses in Enterprise Security.
How do I get them to do that?
K...
...nalysis Adaptive Response Action is the actual response action that gets triggered either instead of or in addition to a notable event response action when a risk rule matches. It adds risk scores a...
We made a clean installation of on-prem Splunk Enterprise 8.0.9 and Enterprise Security 6.4.0. When correlation search returns results, we would like to append these results to an email via adaptive...
...ogs I have a field called "User email"
I want to send individual automatic responses to the email addresses present in the field.
The default email id for my Splunk solution is abc_splunk@m...