Suspicious Email - UBA Anomaly
Description
This detection looks for emails that are suspicious because of their sender, domain rareness, or behavior differences. This is an anomaly generated by Splunk User Behavior Analytics (UBA).
Content Mapping
This content is not mapped to any local saved search. Add mapping
Help |
---|
Suspicious Email - UBA Anomaly HelpYou must be ingesting data from email logs and have Splunk integrated with UBA. This anomaly is raised by a UBA detection model called "SuspiciousEmailDetectionModel." Ensure that this model is enabled on your UBA instance. |
Search |
---|
Open in Search |