splunk>enterprise
Administrator ▾Settings ▾
ES
Enterprise Security
Splunk App for Enterprise Security · v7.3.0
DAY 21 LAB · LAB 21 — WIRE ASSET & IDENTITY· week 3
Wire Threat Intel + Asset & Identity frameworks.
- ›Configure → Data Enrichment.
- ›Tag 2 hosts as priority=critical (PCI), 1 user as priority=critical (CFO).
- ›Predict urgency lift on existing notables.
Hint: A&I is the highest-leverage admin work in ES — wire once, win forever.
Configure
Saved Searches
No saved searches. Save one from the Search tab.