Discover many of the detected elements, methods, processes, etc. of an attack and develop a timeline of how the attacker gained initial access: Intrusion Detection With Splunk-> Finding the Source of ...

This search expands on the search from the previous task and searches for the keyword fail*. The wildcard tells Splunk to expand the search term to find other terms that contain the word fail such as ...