Splunk® Enterprise Security

Administer Splunk Enterprise Security

Customize Splunk Enterprise Security dashboards to fit your use case

You can make changes to dashboards and the searches behind dashboard panels to make them more relevant to your organization, environment, or security use cases. View the search behind a dashboard panel with the panel editor to see where the data is coming from. Edit the title of a panel, the search behind a panel, and even the visualization.

Drill down to raw events

Dig deeper into data on dashboards by drilling down to raw events, and use workflow actions to move from raw events to investigating specific fields on dashboards, or performing other actions outside of the Splunk platform.

You can drill down to raw events from charts and tables in dashboards. You can find information about the drilldown behavior in the Splunk platform documentation.

Create custom workflow actions

You can take action on raw events with workflow actions. You can also create custom workflow actions. You can find information about workflow actions in the Splunk platform documentation.

Last modified on 14 June, 2024
Add ESCU annotations to detections and analytics stories in Splunk Enterprise Security   Add key indicators in Splunk Enterprise Security

This documentation applies to the following versions of Splunk® Enterprise Security: 8.0.0


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters