×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
payal_4296
New Member
Member since: ‎12-18-2023
‎02-09-2024
Community Statistics
Posts 2
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎12-18-2023
View All

How to create investigations in Splunk ES using RE...

by in Splunk Enterprise
‎02-08-2024 10:36 PM
‎02-08-2024 10:36 PM
How can I create Investigations in Splunk ES using REST APIs and not using Splunk WEB UI. ... View more
Labels

Where does the information related to Splunk Inves...

by in Splunk Enterprise Security
‎12-18-2023 10:08 AM
‎12-18-2023 10:08 AM
Where is the data from the Splunk Enterprise Security (ES) Investigation Panel stored? In the previous version, it seemed to be stored in a KV lookup, but I can't find it in the current 7.x version. I understand that the Notable index holds information related to incidents from the Incident Review Dashboard. How can we map Splunk Notables and their Investigations together to generate a comprehensive report in the current 7.x ES version? ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎02-09-2024 01:18 PM