I have installed splunk es app and uploaded botsv1.stream_http.json
but incident_review and ess_security_posture is not hitting any event
how do I make splunk es to check my uploaded logs and generate a list of alerts like below. Please note that I am not checking the logs forwarded by agent, but the log files uploaded on the browser side
thank you
I have installed splunk es app and uploaded botsv1.stream_http.json
but incident_review and ess_security_posture is not hitting any event
how do I make splunk es to check my uploaded logs and generate a list of alerts like below. Please note that I am not checking the logs forwarded by agent, but the log files uploaded on the browser side
thank you