×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
tyrone_osilesi7
Explorer
Member since: ‎08-28-2015
‎06-05-2020
Community Statistics
Posts 4
Solutions 0
Karma Given 3
Karma Received 0
Member Since ‎08-28-2015
Activity Feed
View All

Re: How to forward data to both third party and in...

by in Getting Data In
‎03-29-2017 11:12 AM
‎03-29-2017 11:12 AM
I found this link to be useful: https://answers.splunk.com/answers/211403/how-to-configure-inputsconf-and-outputsconf-on-the.html ... View more

Re: Creating new notable events based on new input...

by in Splunk Enterprise Security
‎03-17-2017 01:33 PM
‎03-17-2017 01:33 PM
Thanks for the assist- really helpful. Any ideas on how to adjust the configs of these respective apps? Does the manipulation occur within ES, the app itself, or does it just depend on what you are trying to do? Thanks in advance. ... View more

Creating new notable events based on new inputs vi...

by in Splunk Enterprise Security
‎03-16-2017 04:08 AM
‎03-16-2017 04:08 AM
Does anyone have any advice on how to use Splunk's pre-canned correlation searches within Enterprise Security and have events fire for incident review (notable event) based on new sourcetypes/data inputs? We have for example bit9 and bro logs coming into Splunk and I'd like to have some logic applied to these inputs for any anomalies, etc., so that analysts can look at this stuff while using the Enterprise Security app. ... View more

Splunk Enterprise Security: How to correlate IOCs ...

by in Splunk Enterprise Security
‎02-08-2017 11:13 AM
‎02-08-2017 11:13 AM
Hi, I have a lookup file tracking IOCs from multiple sources. I'm looking for a way to take this list and ideally generate a notable event in Splunk Enterprise Security if ever web logs show that a user attempted to navigate to an IP or domain within the list. Now that we have this data we need to put it to use. Any suggestions? ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM
Karma given to
View All