How is it possible to navigate to the list of currently-enabled ES correlation searches?
A) Configure -> Correlation Searches -> Select Status "Enabled"
B) Settings -> Searches, Reports, and Alerts -> Filter by Name of "Correlation"
C) Configure -> Content Management -> Select Type "Correlation" and Status "Enabled"
D) Settings -> Searches, Reports, and Alerts -> Select App of "SplunkEnterpriseSecuritySuite" and filter by "-Rule"
Correct Answer:
Verified
Q2: How is notable event urgency calculated?
A) Asset
Q3: What feature of Enterprise Security downloads threat
Q4: Which of the following threat intelligence types
Q5: When creating custom correlation searches, what format
Q6: Which of the following are data models
Q7: Which column in the Asset or Identity
Q8: At what point in the ES installation
Q9: The Remote Access panel within the User
Q10: Where is the Add-On Builder available from?
A)
Q11: What are the steps to add a
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents