cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
nsmalley_splunk
Splunk Employee
Member since: ‎08-18-2014
‎06-05-2020
Community Statistics
Posts 4
Solutions 1
Karma Given 1
Karma Received 4
Member Since ‎08-18-2014
Activity Feed
Topics I've Started
No posts to display.
View All

Re: Splunk Enterprise Security: SA-NetworkProtecti...

by Splunk Employee in Splunk Enterprise Security
‎10-21-2017 10:15 AM
1 Karma
‎10-21-2017 10:15 AM
1 Karma
You can add additional fields to extend the capability of the lookups in ES. If/when you do this you will also want to do a couple additional things using the rough outline provided below: 1. Configure additional Fields in lookups and schedule lookup creation - http://docs.splunk.com/Documentation/ES/4.7.3/Admin/Createsearchdrivenlookups 2. Configure Correlations searches to leverage lookup and scheduled Correlations Searches to create Notable Events - http://docs.splunk.com/Documentation/ES/4.7.3/Admin/Configurecorrelationsearches ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:03 AM
Karma given to
View All