admingit
/
Splunk_deploy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'bf0075621d'
${ noResults }
Splunk_deploy/deployment-apps/es_configuration_explorer
History
admingit bf0075621d
first commit 		1 year ago
..
bin first commit 1 year ago
default first commit 1 year ago
local first commit 1 year ago
metadata first commit 1 year ago
static first commit 1 year ago
README first commit 1 year ago
splunkbase.manifest first commit 1 year ago

README
Escape

This file contains invisible Unicode characters!

This file contains invisible Unicode characters that may be processed differently from what appears below. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to reveal hidden characters.

Enterprise Security Configuration Explorer

by Dennis Morton

-------------------------------------------



The purpose of this App is to make it simpler to explore your ES knowledge objects and get an overview of how things are configured. For example:

* Which Correlation Searches are enabled, real-time, or use MLTK?

* How many and which Key Indicators are accelerated?

* Which searches set risk scores and by how much?

* Who made changes to Correlation Searches?

* ... and much more.  



I've been using versions of this App for quite some time because it scratched an itch ;-)



Requirements: Enterprise Security >= 6.0 since this is the version that replaced Extreme Search with MLTK.