...data model for use inEnterpriseSecurity, but unfortunately, the bulk of the useful fields are not extracted by Splunk_TA_windows.
I was hopeful when reviewing the answer given to the q...
...ES > SH for monitoring authenticationactivity of admin user on all splunk servers. from where i need to specify thing/data. in forwarder or in SH>ES ? how flow of data work in this case....
Issue When configured to use Azure SAML on our EnterpriseSecurity search head (no Authentication Extension yet specified) I discovered that EnterpriseSecurity 6.4.0's Incident Review's "Run A...
Hello, I'm just having a bit of difficulty differentiating between SplunkEnterprise, ITSI, SOAR, UBA, andEnterpriseSecurity. It seems like they all do similar things. Do they a...
Hi,
Is there a way or any direct link form where i can download all the sessions of Splunk 2016 which is available at the below link?
https://conf.splunk.com/sessions/2016-sessions.html
I k...
I want to set up an organized system of permissions so we can give the right access to the right data and the right Splunk features to the right analysts in my organization. Can I get a sketch of h...