Quantcast
Channel: Questions in topic: "splunk-enterprise"
Viewing all articles
Browse latest Browse all 47296

Custom Adaptive Response Action in ES with Validation

$
0
0
Hello, I'm unable to get field validation in a custom Adaptive Response Action in Splunk Enterprise Security. What I would achieve is field validation that obliges the user to fill the field (required field) but I can't get even the simplest validation working. When I click on the run button in the adaptive actions modal view on the incident I get no validation but a message saying "action has been dispatched". Furthermore which field should I put in alert_actions.conf.spec and savedsearched.conf.spec, the documentation I have read is quite vague. Thanks!

Viewing all articles
Browse latest Browse all 47296

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>