Splunk® Enterprise Security

Install and Upgrade Splunk Enterprise Security

This documentation does not apply to the most recent version of Splunk® Enterprise Security. For documentation on the most recent version, go to the latest release.

Search

This page is currently a work in progress; expect frequent near-term updates.

The Search menu in the Splunk App for Enterprise Security includes these additional dashboards.

Dashboards

Dashboards shows all of the available dashboards that can be used by the Splunk App for Enterprise Security. Use the Navigation editor <link> to add or rearrange the default dashboards.

Click the arrow to display information about the dashboard including the add-on that contains the dashboard, the schedule for the searches that populate the dashboard, and permissions. Click Edit next to Permissions to change the permissions for the dashboard.

screenshot of edit panel

Click Save when you are done.

Click Edit under Actions to modify panels in the dashboard, to edit the source XML, or convert the panel to HTML. You can also edit the title, description, or permissions here. Click Clone to create a copy of the dashboard.

screenshot of dashboard edit panel

Reports

Reports lists all of the available searches that can be used. Reports are organized by domain and contain information about the add-on where the search is located, whether the search is scheduled or real-time, if it is accelerated, and the permissions associated with the search.

screenshot of report details

Any of these searches can viewed as a standalone panel by clicking Open in Search. Click Edit to modify the description, permissions, schedule, or acceleration for this search. Click Clone to create a copy of the search.

screenshot of edit panel

Pivot

Pivot displays the data models available in your deployment. The panel shows which data models are accelerated, the actions available (edit, Pivot), the App, Owner, and Sharing for this data model (App or Global).

Click Edit to modify the data model. Edit the objects, title or description, permissions, acceleration. Click Clone to create a copy of the data model.

screenshot of edit panel

(not recommended)

See <link> in the core Splunk documentation for more information about data models and the data model editor.

Search

Click Search to open the Search & Reporting app in Splunk.

Need updated screenshot

Additional Information

For more information about using the Search dashboard, see <link to core docs>

Last modified on 10 December, 2013
Additional dashboards   Use reports to create dashboards

This documentation applies to the following versions of Splunk® Enterprise Security: 3.0, 3.0.1


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters