Hello,
As the title suggests, I have some general questions regarding the threat list activity dashboard.
Q1: Where does it get input from?
Q2: Does it use a database? If so, what are they?
Q3: How does it correlate data?
Any other detailed information (scenarios, etc.) about this dashboard is appreciated.
I apologize beforehand if my questions sound very basic. I'm just a beginner who's trying to get a better understanding of Splunk's workings, and the documentation provided for this specific dashboard is not enough in my opinion.
Thank you in advance!