From 3b366a24e4b5af7a9ea643daf2979afc92ca4e46 Mon Sep 17 00:00:00 2001 From: Sean Whalen Date: Wed, 24 Apr 2019 15:41:40 -0400 Subject: [PATCH] Use dark theme in Splunk dashboards --- splunk/README.rst | 24 ++++++++++++++++++++++++ splunk/dmarc_aggregate_dashboard.xml | 2 +- splunk/dmarc_forensic_dashboard.xml | 2 +- 3 files changed, 26 insertions(+), 2 deletions(-) create mode 100644 splunk/README.rst diff --git a/splunk/README.rst b/splunk/README.rst new file mode 100644 index 0000000..44a8ccf --- /dev/null +++ b/splunk/README.rst @@ -0,0 +1,24 @@ +================= +Splunk dashboards +================= + +Setup guide +----------- + +1. Navigate to the app you want to add the dashboards to, or create a new app called DMARC +2. Click Dashboards +3. Click Create New Dashboard +4. Use a descriptive title, such as "Aggregate DMARC Data" +5. Click Create Dashboard +6. Click on the Source button +7. Paste the content of ''dmarc_aggregate_dashboard.xml`` into the source editor +8. If the index storing the DMARC data is not named email, replace index="email" accordingly +9. Click Save +10. Click Dashboards +11. Click Create New Dashboard +12. Use a descriptive title, such as "Forensic DMARC Data" +13. Click Create Dashboard +14. Click on the Source button +15. Paste the content of ''dmarc_forensic_dashboard.xml`` into the source editor +16. If the index storing the DMARC data is not named email, replace index="email" accordingly +17. Click Save diff --git a/splunk/dmarc_aggregate_dashboard.xml b/splunk/dmarc_aggregate_dashboard.xml index d18878f..aa25c82 100644 --- a/splunk/dmarc_aggregate_dashboard.xml +++ b/splunk/dmarc_aggregate_dashboard.xml @@ -1,4 +1,4 @@ -
+ A summary of aggregate DMARC report data
diff --git a/splunk/dmarc_forensic_dashboard.xml b/splunk/dmarc_forensic_dashboard.xml index f501b76..93adc7e 100644 --- a/splunk/dmarc_forensic_dashboard.xml +++ b/splunk/dmarc_forensic_dashboard.xml @@ -1,4 +1,4 @@ - +
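Review bot: In the new splunk/README.rst, steps 7 and 15 open the file name literal with two apostrophes and close it with two backticks (''dmarc_aggregate_dashboard.xml`` and ''dmarc_forensic_dashboard.xml``), so reStructuredText will not render either as an inline literal; open each with two backticks to match the close. In steps 8 and 16, index="email" is text the reader has to find and edit in the pasted source, so it should be marked up as an inline literal as well. Steps 10 to 17 repeat steps 2 to 9 with only the dashboard title and file name changed; a single procedure followed by the two title and file pairs would be shorter and harder to get out of sync. The subject line mentions only the dark theme, while 24 of the 26 inserted lines are this README, so the commit message should also mention the added setup guide.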