Getting Data In

Splunk 9 blacklist or denylist?

TheEggi98
Path Finder

Did the blacklist/whitelist got replaced by denylist/allowlist in Splunk 9?

In some Blogs i read that Splunk 9 replaced blacklist with denylist? Or is blacklist still usable?

In the Changelogs of Splunk 9 i didnt found any evidence for the change, but the Splexicon and some Blogs say something different.

https://docs.splunk.com/Splexicon:Denylist
https://www.splunk.com/en_us/blog/leadership/biased-language-has-no-place-in-tech-a-follow-up.html?l...

Thanks for explanation 🙂

Labels (3)
0 Karma
1 Solution

isoutamo
SplunkTrust
SplunkTrust

Hi

You could/should check what are the currently used versions on your installation. There are in directory $SPLUNK_HOME/etc/system/README/<conf file>.conf.spec, where are known configurations. 

With quick check it seems that e.g. inputs.conf still known white- and blacklists.

You could also check these from Splunk Docs e.g. https://docs.splunk.com/Documentation/Splunk/latest/Admin/Inputsconf

r. Ismo

View solution in original post

isoutamo
SplunkTrust
SplunkTrust

Hi

You could/should check what are the currently used versions on your installation. There are in directory $SPLUNK_HOME/etc/system/README/<conf file>.conf.spec, where are known configurations. 

With quick check it seems that e.g. inputs.conf still known white- and blacklists.

You could also check these from Splunk Docs e.g. https://docs.splunk.com/Documentation/Splunk/latest/Admin/Inputsconf

r. Ismo

Get Updates on the Splunk Community!

Digital Resilience Assessment Launch | How prepared are you for disruption?

Disruption is inevitable. The question is – how prepared are you to handle it? In today’s fast-moving digital ...

Buttercup Games: Further Dashboarding Techniques (Part 2)

This series of blogs assumes you have already completed the Splunk Enterprise Search Tutorial as it uses the ...

Index This | What is the next number in the series? 7,645 5,764 4,576…

February 2025 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...