A set of correlation searches are enabled at a new ES installation, and results are being monitored. One of the correlation searches is generating many notable events which, when evaluated, are determined to be false positives. What is a solution for this issue?
A) Suppress notable events from that correlation search.
B) Disable acceleration for the correlation search to reduce storage requirements.
C) Modify the correlation schedule and sensitivity for your site.
D) Change the correlation search's default status and severity.
Q62: What do threat gen searches produce?
A) Threat
Q63: What are adaptive responses triggered by?
A) By
Q64: Which of the following is a recommended
Q65: The option to create a Short ID
Q66: What is the bar across the bottom
Q67: Which of the following is an adaptive
Q68: Which of the following steps will make
Q70: When using distributed configuration management to create
Q71: A newly built custom dashboard needs to
Q72: What does the summariesonly=true option do for