Hi
I am also struggling with populating Splunk with only the malicious wildfire reports within Splunk GUI. My problem is a mismatch of information. The Wildfire Dashboard is accurately displaying the 'Wildfire Event Alerts'; however, this does not match the 'Search Wildfire Report Data', where only one result is populated.
Can anyone help me explain why or what to check please?
Thanks in advance
Roy