TA_windows_wec_app Splunk App

This App for Splunk provides some dashboards for Windows WEC telemetry data retrieved using the Windows WEC Add-On

Dashboards:

Overview shows the relationship between hosts (WEC servers) and the configured subscriptions.
Details provides the details of the subscriptions configured in a host (WEC server).
Runtime provides the runtime status of a given subscription configured in a host (WEC server).
Registry provides the status of the registry pruning of a given subscription configured in a host (WEC server).

Requirements

The Overview dashboard requires the installation of the visualization Sankey Diagram.

Configuration

The dashboards use the macro windows_wec_default_index to provide the index from where to search. By default, it uses windows*. Change the index name, if needed.

Credits

Event Log icon icon by Icons8

Name		Name	Last commit message	Last commit date
Latest commit History 11 Commits
default		default
images		images
metadata		metadata
static		static
LICENSE		LICENSE
README.md		README.md
README.txt		README.txt
app.manifest		app.manifest

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

TA_windows_wec_app Splunk App

Requirements

Configuration

Credits

About

Releases 4

Packages

License

darizotas/ta_windows_wec_app

Folders and files

Latest commit

History

Repository files navigation

TA_windows_wec_app Splunk App

Requirements

Configuration

Credits

About

Topics

Resources

License

Stars

Watchers

Forks

Releases 4

Packages 0

Packages