Hi Splunkers, I have an issue with a search that uses a lookup. I know here on the community there are lots of posts on this argument, but even reading them I'm still stuck. My search must simple m...
I have two lookups. One consists of the allowed URLs. The other consists of the URLs from a firewall. For example in the first google.com
dummy.com In the s...
I am running a search job to view Vulnerability results/data. The search runs every week Saturday evening. I want to dump the results into a lookup file which will run automatically e...
...Dashboards etc.
The bit that has me stuck is lookups. We have a number of lookups that define things like alert thresholds, etc. ATM, these are all set up in a centralized fashion with all c...
...History.
Use "Sideview Util - The Lookup Updater" to add/update data (data is not deleted) in base CSV lookup file. All changes (add/updated) should go to lookupHistory index with updated t...
Splunk doc says, Expected Views list specifies Splunk Enterprise Security views that are monitored on a regular basis. But what are these views monitored for? What do I need to a...
Hi There,
I am currently looking at a search within Splunk Security Essentials (Concentration of Attacker Tools by Filename).
The search mentions a file named "tools.csv", which I assume is a l...
I have a csv file that tracks firewall rule hits. I would like to create a form that reads the csv and populates a drop down menu that allows the user to select a field extracted via rex which will p...