The current code allows us to update timestamps to current time via `update_timestamp: True`. Could we also have a similar parameter to update the host before indexing in Splunk? Certain detections may rely on the host field or only trigger on activities happening on multiple hosts.