powernsa.blogg.se

To share custom content with other ES instances, see Export content from Splunk Enterprise Security as an app. Create risk and edit risk objects in Splunk Enterprise Security.Create and manage lookups in Splunk Enterprise Security.Create and manage views in Splunk Enterprise Security.Create and manage swim lane searches in Splunk Enterprise Security.Create and manage search-driven lookups in Splunk Enterprise Security.Create and manage saved searches in Splunk Enterprise Security.Create and manage key indicator searches in Splunk Enterprise Security.Create correlation searches in Splunk Enterprise Security.To create new content or manage and customize existing content, see: Configure data models for Splunk Enterprise Security.

You can find additional configuration information in the Install and Upgrade Manual. Configure advanced filtering in Splunk Enterprise Security.Customize the menu bar in Splunk Enterprise Security.Manage permissions in Splunk Enterprise Security.Manage input credentials in Splunk Enterprise Security.Configure general settings for Splunk Enterprise Security.To perform ongoing configuration in Splunk Enterprise Security, see: See Add threat intelligence to Splunk Enterprise Security for information on all tasks related to managing threat intelligence sources in Splunk Enterprise Security.See Add asset and identity data to Splunk Enterprise Security for a full list of tasks related to adding and managing asset and identity data in Splunk Enterprise Security.Manage investigations in Splunk Enterprise SecurityĮnrich Splunk Enterprise Security with data about the assets and identities in your environment and with additional data about known threats.Customize notable event settings in Splunk Enterprise Security.Customize Incident Review in Splunk Enterprise Security.Managing Incident Review in Splunk Enterprise Security.To enable and customize the workflows for analysts in your organization, see: Use the links below to learn more about administrative tasks in Splunk Enterprise Security. If you are not administering Splunk Enterprise Security, see Use Splunk Enterprise Security for an introduction to using this app as a security analyst. Splunk Enterprise Security administrators are responsible for configuring, maintaining, auditing, and customizing an instance of Splunk Enterprise Security.