splunk / rba

RBA is Splunk's method to aggregate low-fidelity security events as interesting observations tagged with security metadata to create high-fidelity, low-volume alerts.

https://splunk.github.io/rba/

splunk/rba Issues

[Issue]: Risk Notable Analysis Dashboard always reports the same `threat_object type` for all Threat Objects
Closed a month ago2
[Issue]: RBA Data Source Review Dashboard issues
Closed a year ago1
[Issue]: Risk Attribution (Investigative View) Errors
Updated a year ago2
[Issue]: Missing CSS/JS files in some dashboards
Updated a year ago
[Issue]: Missing version in rba_data_source_overview dashboard and others
Closed a year ago
attack_web_viz.csv does not exist or is not available
Closed a year ago
[Feature Request]: Dedup Risk Events v2
Closed a year ago