×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
utkarsh__
Explorer
Member since: ‎05-27-2022
‎07-12-2023
Community Statistics
Posts 6
Solutions 0
Karma Given 4
Karma Received 0
Member Since ‎05-27-2022
Activity Feed
View All

Re: Alert users who have exported dashboards

by in Security
‎01-19-2023 11:04 PM
‎01-19-2023 11:04 PM
Hey @scelikok , thanks for replying. The query only works for classic dashboards and not for the dashboard studio ones. I am not able to find any event related to studio dashboard exports. Would you please be able to help me find one. ... View more

How to alert users who have exported dashboards?

by in Security
‎01-19-2023 02:48 AM
‎01-19-2023 02:48 AM
Hi, I have a requirement to alert all users who have pressed "export" from Splunk. I have written the spl for listing users who have exported search results or dashboard panels.     index=_internal export | regex uri_path="(jobs|results|events)\/export$" | table user | dedup user     But this is not catching the dashboard exports. I want to alert users who have exported the complete dashboard in pdf format. Kind help will be appreciated. ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎07-12-2023 11:58 AM
Karma given to
View All