Hi geeks,
I integrated TheHive and Cortex with Splunk ES to get some alerts after the correlation search rule is triggered. According to the attached Image-01, please help me fill in the correct values for "Data field name" and "Datatype field name". Also, do I have to specify the exact name according to what is in Cortex to identify the "Analyzers"?
Image-01: Image-02: Image-03:
Regards,
Amir
Hi All
I installed the Netflow Analytics for Splunk app and configured inputs.conf and indexes.conf on the TA-netflow Add-on.
But I have not retrieved any data. Also, in tcpdump captures I can see the flow events currently coming in.
Where are the missing configurations?
BR
Amir