Which of the following is an adaptive action that is configured by default for ES?
Which of the following is an adaptive action that is configured by default for ES?
Creating a notable event is an adaptive action that is configured by default in Splunk Enterprise Security (ES). This action is leveraged to generate notable events based on the outcomes of correlation searches, enabling security analysts to review and take necessary actions.
Answer is B. https://docs.splunk.com/Documentation/ES/6.6.2/Admin/Configureadaptiveresponse#Included_adaptive_response_actions
Creating a notable event is an adaptive action that is configured by default in Splunk Enterprise Security (ES). This action is used to generate notable events based on the results of correlation searches, which can then be reviewed and acted upon by security analysts.
B. Create notable event
The correct answer is B
maybe correct answer is B
Most likely!