Hello Splunk experts:
In my organization, we trying to figure out of it's possible to customize the searchbar timeline (displayed in Event tab in verbose mode) to change the color of the time whenever certain eventtype or condition is located.
As an example: an Eventtype is created with the name "exploit" and if I made a wide search of some logs, I want to locate that Eventtype in the timeline to have some context.
Hope you can help me. Thanks.
↧