Splunk Enterprise Security
30947296
3361
hello all!I am trying to add field to an artifact with "update artifact" action (phantom app).i am trying to add a '... by meshorer Path Finder in Splunk SOAR (f.k.a. Phantom) Thursday 0 4 | 0 | 4 | ||
Hi,Notable events in ES can now be assigned Dispositions. I am able to create new Dispositions from the Incident Revi... by ezmo1982 Path Finder in Splunk Enterprise Security Wednesday 1 2 | 1 | 2 | ||
Does Splunk ES Support IPV6? I've seen some posts that others have had issues with ipv6 assets within the asset looku... by aelliott Motivator in Splunk Enterprise Security 2 weeks ago 1 3 | 1 | 3 | ||
HelloI'm trying to pass a list of dicts from a "custom code block" into a "filter block", to run either ip_lookup, ha... by glc_slash_it Path Finder in Splunk SOAR (f.k.a. Phantom) 2 weeks ago 0 2 | 0 | 2 | ||
HelloWe have multiple people working on the content in Splunk Enterprise Security, and I need to be able to find when... by LIP Loves-to-Learn in Splunk Enterprise Security 2 weeks ago 0 10 | 0 | 10 | ||
I want to create a default search filter for ALL users that go into ES Incident Review. You can create a new filter ... by cmeisch Path Finder in Splunk Enterprise Security 2 weeks ago 0 6 | 0 | 6 | ||
I am looking for help with Splunk configurations that the documentation does not seem to provide and can not be found... by dood9999 Engager in Splunk Enterprise Security 3 weeks ago 0 0 | 0 | 0 | ||
Using SOAR export app in Splunk, we are pulling certain alerts to SOAR. Depending on the ip, the artifacts are groupe... by ansusabu_25 Observer in Splunk SOAR (f.k.a. Phantom) 3 weeks ago 0 5 | 0 | 5 | ||
hello all,I have an app that to perform an action I cant insert the required parameter as a list. but as a string.thi... by meshorer Path Finder in Splunk SOAR (f.k.a. Phantom) 3 weeks ago 0 3 | 0 | 3 | ||
Hi,Could anyone please help me in fine tuning this search as it is raising lot of alerts| tstats count min(_time) as ... by AL3Z Builder in Splunk Enterprise Security 3 weeks ago 0 5 | 0 | 5 | ||
Do we have any content to detect "Moniker Link" - CVE-2024-21413 by mrkrabhishek New Member in Splunk Enterprise Security 3 weeks ago 0 0 | 0 | 0 | ||
Is there a way to use multivalue fields in SOAR? I have not been able to find a good article on how to do this.We hav... by staylor Engager in Splunk SOAR (f.k.a. Phantom) 3 weeks ago 1 3 | 1 | 3 | ||
As the title suggests, our system needs a proxy to hit our SAML2 authentication service, but I don't see an option to... by catherinelam Loves-to-Learn in Splunk SOAR (f.k.a. Phantom) 3 weeks ago 0 0 | 0 | 0 | ||
Hi, I've got a problem with this playbook code block, the custom functions I try to execute seem to hang indefinitely... by jokr Observer in Splunk SOAR (f.k.a. Phantom) 4 weeks ago 0 2 | 0 | 2 | ||
Hi,Could anyone pls guide me how we can detect an attacker moving laterally in the environment can be a challenge rig... by AL3Z Builder in Splunk Enterprise Security 4 weeks ago 0 2 | 0 | 2 | ||
Is there a way to give a user read-only access to only a specific dashboard on Splunk ES such as the Executive Summar... by treven Explorer in Splunk Enterprise Security 4 weeks ago 0 0 | 0 | 0 | ||
I'm using the Service-Now application to build some lookup tables for user and asset information, which is needed for... by milesbrennan Path Finder in Splunk Enterprise Security 4 weeks ago 1 3 | 1 | 3 | ||
How do I get my Incident Review in ES to auto refresh, without having to manually auto refresh it from the browser. by mr_t2083 Explorer in Splunk Enterprise Security 02-15-2024 1 8 | 1 | 8 | ||
Hello Team We have a UBA 3-nodes architecture. Unfortunately, SAML authentication is required. We added the SAML xml ... by adol83 Explorer in Splunk User Behavior Analytics 02-14-2024 0 1 | 0 | 1 | ||
Hi Guys, I would ask how to add a link on the next steps form. on the correlation search I read: "Add a link to an ... by aasabatini Motivator in Splunk Enterprise Security 02-14-2024 0 5 | 0 | 5 | ||
Hello, How do I obtain an NFR license (or the like)? We have integrations with Splunk but no way to test/evaluate th... by DRWhite1 New Member in Splunk Enterprise Security 02-13-2024 0 2 | 0 | 2 | ||
Hi Everyone,We`ve created a new TA to get data in from an API - this was done on the HF and the data is being sent to... by tomapatan Communicator in Splunk Enterprise Security 02-09-2024 0 1 | 0 | 1 | ||
Why I can't I see data on Splunk ES Non-corporate Web Uploads? When I click on the user, I get mariangelie.rodriguez... by jamesbanday New Member in Splunk Enterprise Security 02-08-2024 0 1 | 0 | 1 | ||
Hi Folks, lately MC started behaving little wired, after performing investigation whenever SOC analyst trying to redu... by vishenps Path Finder in Splunk Mission Control 02-08-2024 0 3 | 0 | 3 | ||
Hi peeps, We were fine tuning the Notable Event, and there were fields that were not showing any values. Those fields... by syazwani Path Finder in Splunk Enterprise Security 02-08-2024 0 3 | 0 | 3 |
Splunk has training and education options for everyone, whether it's your first or fiftieth deployment.
User | Karma Count |
---|---|
1 | |
1 | |
1 | |
1 |