Hi,
I have been using Splunk actively for three months. I have created custom insights in AWS security hub to monitor continuous compliance tasks. But, these are not setup to send alerts when there is a change in the number of failed resources. I understand it is possible to create these AWS insights in Splunk, and setup alerts when there is a change. How is this done? I imagine these would be standard searches that anyone can use.