Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About splunkcw17
splunkcw17
New Member
Member since:
10-13-2017
06-05-2020
Community Statistics
| Posts | 6 |
| Solutions | 0 |
| Karma Given | 0 |
| Karma Received | 0 |
| Member Since | 10-13-2017 |
Activity Feed
- Posted Re: Is Splunk for Symantec work on 6.2? on Installation. 05-16-2018 04:34 AM
- Posted Re: How to get alerts in alertmanager to show as incidents? on All Apps and Add-ons. 11-09-2017 12:14 AM
- Posted Re: How to get alerts in alertmanager to show as incidents? on All Apps and Add-ons. 11-08-2017 07:24 AM
- Posted How to get alerts in alertmanager to show as incidents? on All Apps and Add-ons. 11-08-2017 02:57 AM
- Tagged How to get alerts in alertmanager to show as incidents? on All Apps and Add-ons. 11-08-2017 02:57 AM
- Tagged How to get alerts in alertmanager to show as incidents? on All Apps and Add-ons. 11-08-2017 02:57 AM
- Tagged How to get alerts in alertmanager to show as incidents? on All Apps and Add-ons. 11-08-2017 02:57 AM
- Tagged How to get alerts in alertmanager to show as incidents? on All Apps and Add-ons. 11-08-2017 02:57 AM
- Tagged How to get alerts in alertmanager to show as incidents? on All Apps and Add-ons. 11-08-2017 02:57 AM
- Posted Re: Splunk Enterprise not recognizing Splunk Add-on for Cisco ESA on All Apps and Add-ons. 10-13-2017 03:12 AM
- Posted Splunk Enterprise not recognizing Splunk Add-on for Cisco ESA on All Apps and Add-ons. 10-13-2017 01:17 AM
- Tagged Splunk Enterprise not recognizing Splunk Add-on for Cisco ESA on All Apps and Add-ons. 10-13-2017 01:17 AM
- Tagged Splunk Enterprise not recognizing Splunk Add-on for Cisco ESA on All Apps and Add-ons. 10-13-2017 01:17 AM
Topics I've Started
11-09-2017
12:14 AM
Here are a couple screenshots to describe what the issue is
... View more
11-08-2017
07:24 AM
The user for alert manager is the admin account created at install, this was in there by default.
I've used the 'add to triggered alerts' option, and can see the output in Alert Manager > Alerts > Configured Alert. It loads a menu with 'trigger history' and in the actions column you can do 'view history'. So I can see there is some output recorded for those alerts setup.
Just can't work out why all the incident numbers are 0, even with the time range set to way back.
... View more
11-08-2017
02:57 AM
Hi All,
I've configured two alerts from the search app in Splunk and did 'save as' from the search bar. These do appear the 'alerts' tab within Alert Manager, but nothing shows up 'incident posture'.
In permission settings for the alert, I've set it to read/write for all Apps, trigger in real-time and a trigger action to call alert manager.
Nothing shows up in 'recent incidents' or in the color coded incident counters in 'incident posture'.
In settings > Incident settings:
" _Key " column is populated, alert column is populated with a name, however 'category, subcategory, tags' are unknown/untagged.
What am I missing please?
Thanks
... View more
10-13-2017
03:12 AM
I've got the ESA add-on app loaded and visible in Cisco Security Suite, however ESA logs appear in the main security suite dashboard (with cisco:esa:legacy sourcetype) but not in the 'email security' tab - any ideas on this please?
Thanks!
... View more
10-13-2017
01:17 AM
Hi All,
I'm trying to install the Cisco ESA Add-on App https://splunkbase.splunk.com/app/1761/
However when setting this up in Cisco Security Suite, it doesn't recognize the app after I've uploaded it - please see screenshots.
It does however recognize it when configuring a data input, please could you advise?
Thanks!
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
06-05-2020
02:03 AM
|
