Splunk® Asset and Risk Intelligence

Administer Splunk Asset and Risk Intelligence

Splunk Asset and Risk Intelligence is not compatible with Splunk Enterprise 9.1.2 due to known issues SPL-237796, SPL-248319 where search results in "results" have more rows than expected. Upgrade to Splunk Enterprise 9.1.3 to use Splunk Asset and Risk Intelligence.

Set up data sources for Splunk Asset and Risk Intelligence

Splunk Asset and Risk Intelligence includes known, compatible data sources that can pull data from specific events. You can select from these data sources, or add your own custom data sources.

To set up data sources for Splunk Asset and Risk Intelligence, complete the following steps:

  1. Identify data sources and filter by relevant events in Splunk Asset and Risk Intelligence
  2. Add or modify a data source in Splunk Asset and Risk Intelligence
  3. Create and modify event searches in Splunk Asset and Risk Intelligence
  4. Assign data source priorities in Splunk Asset and Risk Intelligence
  5. Activate data sources in Splunk Asset and Risk Intelligence
Last modified on 05 August, 2024
Review internal enrichment data in Splunk Asset and Risk Intelligence   Identify data sources and filter by relevant events in Splunk Asset and Risk Intelligence

This documentation applies to the following versions of Splunk® Asset and Risk Intelligence: 1.0.0, 1.0.1, 1.0.2


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters