Closed thilles closed 3 years ago
Additions to all datasets, more consistent naming of fields and rearrangement of lines in props.conf Added tag comments to eventtypes.conf
Tip: use view https://github.com/thilles/splunk_admin_views/blob/main/splunkadmin_cim_validation to validate and see coverage of CIM fields
Great stuff, Thomas! Thank you!
inspired
commented
3 years ago inspired
commented
3 years ago
Additions to all datasets, more consistent naming of fields and rearrangement of lines in props.conf Added tag comments to eventtypes.conf
Tip: use view https://github.com/thilles/splunk_admin_views/blob/main/splunkadmin_cim_validation to validate and see coverage of CIM fields