Splunk® Enterprise Security

Use Splunk Enterprise Security

This documentation does not apply to the most recent version of Splunk® Enterprise Security. For documentation on the most recent version, go to the latest release.

Customize Splunk Enterprise Security dashboards to fit your use case

You can make changes to dashboards and the searches behind dashboard panels to make them more relevant to your organization, environment, or security use cases. View the search behind a dashboard panel with the panel editor to see where the data is coming from. Edit the title of a panel, the search behind a panel, and even the visualization.

Drill down to raw events

Dig deeper into data on dashboards by drilling down to raw events, and use workflow actions to move from raw events to investigating specific fields on dashboards, or performing other actions outside of the Splunk platform.

You can drill down to raw events from charts and tables in dashboards. You can find information about the drilldown behavior in the Splunk platform documentation.

Create custom workflow actions

You can take action on raw events with workflow actions. You can also create custom workflow actions. You can find information about workflow actions in the Splunk platform documentation.

Last modified on 19 January, 2022
Prerequisites to use Cloud Security dashboards   Key indicators in Splunk Enterprise Security

This documentation applies to the following versions of Splunk® Enterprise Security: 7.0.1, 7.0.2, 7.1.0, 7.1.1, 7.1.2, 7.2.0, 7.3.0, 7.3.1, 7.3.2


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters