Deployment Architecture
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Splunk Fish Bucket indicating Virus

indra_wijaya
Engager
‎09-12-2012 09:26 PM

Hi Guys,

I have a problem related to Splunk Fishbucket..
When I run my full scan on Splunk server, it found a Trojan on the fishbucket folder.
C:\Program Files\Splunk\var\lib\splunk\fishbucket\4069420869.tmp

Any idea why this is indicated as a Virus?

Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

adamw
Communicator
‎09-12-2012 09:49 PM

It's likely there used to be a virus with a similar file name, ending in tmp. Some AV programs trigger on any tmp file not actually in the Windows tmp/temp folder, but this is likely a false positive.

View solution in original post

Reply
Solved! Jump to solution

indra_wijaya
Engager
‎09-14-2012 02:35 AM

Hi adamw,

Thank you for your reply.. So this is just a false positive alert.. I see then.. Thank you for your response..

0 Karma
Reply
Solved! Jump to solution
Solution

adamw
Communicator
‎09-12-2012 09:49 PM

It's likely there used to be a virus with a similar file name, ending in tmp. Some AV programs trigger on any tmp file not actually in the Windows tmp/temp folder, but this is likely a false positive.

Reply
Get Updates on the Splunk Community!

Splunk Observability Synthetic Monitoring - Resolved Incident on Detector Alerts

We’ve discovered a bug that affected the auto-clear of Synthetic Detectors in the Splunk Synthetic Monitoring ...

Video | Tom’s Smartness Journey Continues

Remember Splunk Community member Tom Kopchak? If you caught the first episode of our Smartness interview ...

3-2-1 Go! How Fast Can You Debug Microservices with Observability Cloud?

3-2-1 Go! How Fast Can You Debug Microservices with Observability Cloud? Learn how unique features like ...