https://edit.news.e.abb.com//api/signalr/connect?https://es.abb-esm.splunkcloud.com/en-US/app/SplunkEnterpriseSecuritySuite/search?q=search%20index%3Dwaf%20%20%22httpMessage.status%22%3D200%20httpMessage.host%3D%22edit.news.e.abb.com%22%20%7C%20table%20_time%2Csrc%2CattackData.rules%7B%7D.message%2ChttpMessage.host%2CattackData.rules%7B%7D.action%2ChttpMessage.port%2CattackData.rules%7B%7D.tag%2Cgeo.city%2ChttpMessage.status%2C%20httpMessage.method%2C%20httpMessage.path%2C%20httpMessage.query%0A%7C%20rename%20attackData.rules%7B%7D.tag%20as%20web_attack_type%2C%20httpMessage.status%20as%20status%20httpMessage.method%20as%20method%2C%20httpMessage.host%20as%20host%20httpMessage.path%20as%20path%20%20attackData.rules%7B%7D.message%20as%20message%20geo.city%20as%20city%20attackData.rules%7B%7D.action%20as%20action%20httpMessage.port%20as%20port%0A%7Ceval%20status%3Dmvindex(status%2C1)%2C%20method%3Dmvindex(method%2C1)%2C%20host%3Dmvindex(host%2C1)%2C%20path%3Dmvindex(path%2C1)%2C%20city%3Dmvindex(city%2C1)%2C%20message%3Dmvindex(message%2C1)%2C%20src%3Dmvindex(src%2C1)%2C%20web_attack_type%3Dmvindex(web_attack_type%2C1)%2C%20port%3Dmvindex(port%2C1)%0A%7C%20strcat%20status%20%22-%22%20method%20%22-%22%20host%20path%20status_method_domain_path_query%0A%7C%20stats%20latest(_time)%20as%20Time%20values(src)%20as%20src%20values(message)%20as%20message%20values(action)%20as%20action%20values(port)%20as%20port%20values(web_attack_type)%20as%20web_attack_type%20values(city)%20as%20city%20values(status)%20as%20status%20values(method)%20as%20method%20values(path)%20as%20path%20values(httpMessage.query)%20as%20query%20values(status_method_domain_path_query)%20as%20status_method_domain_path_query%20by%20host%0A%7C%20convert%20ctime(Time)&earliest=1717615200&latest=1717618500&sid=1717630277.356461&display.page.search.mode=verbose&dispatch.sample_ratio=1&display.page.search.tab=events&display.general.type=statistics#