We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Per Network Traffic DM, ids_type field is required, the TA presently does not populate this. Suggested following enhancement to the TA:
props.conf
[pan:threat] EVAL-ids_type = "network"
This field is primarily exposed within ES -> Intrusion Center -> "New Attacks - Last 30 Days" panel
The text was updated successfully, but these errors were encountered:
Resolved for firewall in commit PaloAltoNetworks/Splunk_TA_paloalto@4a5ddf3 Resolved for endpoint in commit PaloAltoNetworks/Splunk_TA_paloalto@f7c8579
Sorry, something went wrong.
Merge pull request #31 from PaloAltoNetworks/feature/TA-check
d166bc9
Feature/ta check merge
No branches or pull requests
Per Network Traffic DM, ids_type field is required, the TA presently does not populate this. Suggested following enhancement to the TA:
props.conf
This field is primarily exposed within ES -> Intrusion Center -> "New Attacks - Last 30 Days" panel
The text was updated successfully, but these errors were encountered: