Splunk Dev
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Need to download all the incidents from Enterprise security for i.e. - how many Incidents get generated for which use case (Correlation search name) with urgency level field

Ymitt2
Engager
‎05-11-2018 04:24 AM

I need some guidance, If someone can guide me to get the result for following query
- “Need to download all the incidents from Enterprise security for i.e. - how many Incidents get generated for which use case (Correlation search name) with urgency level/Owner name/status field”

I tried this “| es_notable_events” but not getting the same result (getting different – different count after running search and from Incident review tab )

Tags (1)
Reply
Get Updates on the Splunk Community!

Introducing the Splunk Community Dashboard Challenge!

Welcome to Splunk Community Dashboard Challenge! This is your chance to showcase your skills in creating ...

Wondering How to Build Resiliency in the Cloud?

IT leaders are choosing Splunk Cloud as an ideal cloud transformation platform to drive business resilience,  ...

Updated Data Management and AWS GDI Inventory in Splunk Observability

We’re making some changes to Data Management and Infrastructure Inventory for AWS. The Data Management page, ...