
Splunk users will have to refer to Settings in order to configure alerts, APIs, macros, reports, and searches. One of the more notable configuration steps has to do with an API involving HoneyDB. This API setup can be found in the Configuration dashboard under the Settings drop-down menu and is required to obtain the Malicious IP List, since we are receiving this information from HoneyDB through a paid service. Another available option in the drop-down menu is the All Alerts dashboard; it contains our entire library of alerts. The All Alerts dashboard provides a description for every alert and the most recent activity for each alert. It's organized by category, making it simple for every Splunk user to understand the breakdown and logic behind every single alert. The last option in the Settings drop-down menu is for users who are looking to investigate all searches, reports, and alerts that are accessible within the Cyences app. This can also be achieved by going to Splunk's default navigation bar, clicking Settings > Searches, reports, and alerts, and then selecting Cyences App for Splunk (cyences_app_for_splunk) from the App drop-down menu.

Topic starter Posted : 20/11/2020 5:50 pm