cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
akulg
Engager
Member since: ‎08-17-2023
‎10-29-2024
Community Statistics
Posts 3
Solutions 0
Karma Given 2
Karma Received 0
Member Since ‎08-17-2023
View All

Correlating Carbon Black Watchlist Alerts on Splun...

by in Splunk Enterprise Security
‎10-27-2024 01:17 PM
‎10-27-2024 01:17 PM
Hi, our company does not yet have Splunk enterprise security, but we are considering getting it. Currently, our security posture includes a stream of EDR data from Carbon Black containing the EDR events and watchlist hits. We want to correlate the watchlist hits to create incidents. Is this something Splunk Enterprise Security can do right out of the box, given access to the EDR data? If so, how can do we do this in the Splunk Enterprise Security dashboard?   ... View more

Re: Ingesting Data From Host Machine Into Splunk A...

by in Getting Data In
‎08-18-2023 03:47 PM
‎08-18-2023 03:47 PM
@gcusello  Thank you for such a detailed reply. I understand how to forward host-level data to Splunk if I manage the entire infrastructure. However, I am interested in how to get host-level data if I am creating a Splunk app that someone else will install. Should I assume such data already exists? And if so, how do I access it from the app? ... View more

How to Ingest Data From Host Machine Into Splunk A...

by in Getting Data In
‎08-17-2023 07:20 PM
‎08-17-2023 07:20 PM
Hi, I am a bit new to the Splunk community and interested in building a Splunk app that can process host-level log data (particularly logs produced by audit D).  My end goal is to provide some analysis of the host log and report that back to the user in the Splunk dashboard. I am unsure how to do the first step of ingesting data from the host machine into the app. ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎10-29-2024 07:31 PM
Karma given to
View All