cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
noysherer
Explorer
Member since: ‎11-04-2018
‎05-26-2022
Community Statistics
Posts 4
Solutions 0
Karma Given 3
Karma Received 1
Member Since ‎11-04-2018
Activity Feed
View All

Re: Using Ansible uri module to add users to splun...

by in Getting Data In
‎02-27-2020 01:26 AM
‎02-27-2020 01:26 AM
I had the same problem and this worked for me: - name: Create a hec token uri: url: https://localhost:8089/servicesNS/nobody/your_app/data/inputs/http?output_mode=json user: admin password: your_password method: POST body_format: form-urlencoded body: - [ name, token_name ] - [ index, your_index ] - [ sourcetype, your_sourcetype ] ... View more

Re: Default home screen dashboard for all users

by in Dashboards & Visualizations
‎07-21-2019 07:20 AM
‎07-21-2019 07:20 AM
there is a similar question with a good answer https://answers.splunk.com/answers/204452/change-user-default-home-dashboard.html ... View more

KPIs and glass tables for the Splunk service itsel...

by in Splunk IT Service Intelligence
‎07-09-2019 01:15 AM
‎07-09-2019 01:15 AM
I am trying to add the ITSI monitoring of the Splunk service itself and felt like there must be someone who tried it before. Has anyone seen or built it already? (meaning already defined KPIs/glass tables etc) ... View more

How to separate saved search exports in Phantom ap...

by in Splunk SOAR (f.k.a. Phantom)
‎11-04-2018 01:18 AM
1 Karma
‎11-04-2018 01:18 AM
1 Karma
I work in an environment where there are different projects for different developers. I want each project to receive events from Splunk (enterprise) alerts to Phantom, and for the developers to create their own saved search exports, however, don't want them to see each other's export details. So basically my problem is that if I give their Splunk users permissions to the Phantom app then they can see all of the exports, and I can't be the one that creates all of their exports because each project has dozens. Is there maybe a more efficient way to send events from Splunk enterprise to Phantom without using the exports? Thank you for your help. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎05-26-2022 03:10 AM
Karma from
View All
Karma given to
View All