When you do develop those, please share with the community. i believe that such questions will lead you toward better using the data at hand and develop the use cases that are important to you.
The customer uses Splunk’s user interface and tools for IT related use cases and uses LogRhythm’s user interface and tools for all security related use cases.
Lastly, (and its my opinion only) i think a better route to take will be to ask yourself or ask your managers / peers / business unit owners / security experts or even the Azure owner or a Microsoft experts, "what do you care about that exists in this data? what would you like to see on your security dashboard?". In this certified solution, Splunk is in place and used for enterprise log/machine data collection, log management, and to search for IT related use cases. Its a little dated, but you will find there many other links to items i hope you can find helpful. In addition, Splunk Enterprise Security provides a number of other searches to help you detect abuse attempts. Look for azure, download all the apps / TAs and look for either nf or navigate to the panels directory, look for files end with. This use case is included within Splunk Enterprise Security, a Splunk app that provides prebuilt content and searches to help answer root-cause questions in real-time about malicious and anomalous events in your IT infrastructure. there are some prebuilt panels on couple of the ad-ons that are public on splunkbase Please try again with a smaller file.I assume that when you are saying use cases you mean to pre-built views and dashboards which answer some general questions on your data.
Delete Remove No selected version Reset This field is required You are already subscribed to this topic Attach screenshot The file you uploaded exceeds the allowed file size of 20MB. Release notes and upgrades Click to open the dropdown menu. Explore products Click to go to the page. The available release versions for this topic are listed There is no specific version for this documentation. You were redirected to a related topic instead. The topic you requested does not exist in the release. Please try again or submit your comments. You have been unsubscribed from this content Thank you for your feedback. You are now subscribed to and will receive notifications if any changes are made to this page. You have been unsubscribed from all topics. This way you can identify any specific use-cases you want to migrate /opt/splunk/bin/splunk cmd btool savedsearches list -debug > /tmp/my. Subscribe Subscribed Unsubscribe Last updated: Tags: January February March April May June July August September October November December No Results Found Versions Search preferences successfully updated My release version successfully updated My release version successfully deleted An error has occurred. Alternatively, you can run a btool and identify which savedsearches are part which app.
0 kommentar(er)
