cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Ryanjp96
Engager
Member since: ‎03-13-2023
‎03-13-2023
Community Statistics
Posts 2
Solutions 0
Karma Given 1
Karma Received 0
Member Since ‎03-13-2023
View All

Re: Splunk ES Customize Notables for Incident Revi...

by in Dashboards & Visualizations
‎03-13-2023 11:09 AM
‎03-13-2023 11:09 AM
Awesome thanks for your help @gcusello ! ... View more

How to Customize Splunk ES Notables for Incident R...

by in Dashboards & Visualizations
‎03-13-2023 10:59 AM
‎03-13-2023 10:59 AM
I am looking to include certain fields that are in the contributing events for a certain Correlation Search/Notable.  The documentation I found: https://docs.splunk.com/Documentation/ES/latest/Admin/Customizenotables This basically says you can add additional fields,  but this will apply to all Notables in Incident Review.  My question is if other notables that have different correlation searches don't include an additional field what happens?  Does it just not get displayed in that Notable or does it list the field with a null value in the Incident Review Dashboard? ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎03-13-2023 06:45 PM
Karma given to
View All