Security & the Enterprise

Much secured. So patch!

Community Activity

Splunk Security Datasets Project I wanted to access the Splunk Security Datasets Project. I signed up and got an email. But when i click on the link i... by bmitchell90 Engager in Security & the Enterprise 11-22-2022 1 0	1	0
Asking for advice: Things I wish I knew when I was entering Splunk SOC Teams Hello all, I am looking for advice I am starting a new job soon.I have a bit of experience in the IT field around 3 y... by kingsmill Explorer in Security & the Enterprise 06-14-2022 0 4	0	4
Cyber Security As an IT expert, how do you protect your privacy? by mamamia0819 Observer in Security & the Enterprise 10-19-2021 0 0	0	0
Splunk Security ES - Developer License Wondering if anyone knows if it is possible to get a developer license to learn Splunk Security ES app?I seen some pa... by dramazetti New Member in Security & the Enterprise 06-25-2021 0 0	0	0
Phantom : email Msg file parser app does not extract URL embedded in images The Outlook msg file parser app I am using to parse the email files stored in the vault works fine until an email wit... by ankitsync Explorer in Security & the Enterprise 06-02-2021 0 0	0	0
MLTK DensityFunction What is the safe-range to increase limit of "DensityFunction" in MLTK ?Default value is 1024, the current requiremen... by akalokhe New Member in Security & the Enterprise 05-26-2021 0 0	0	0
Splunk Universal Forwarder vs. E5? "Bobs Donuts Inc" recently went with CISCO AMP however did not realize this did not have a built-in endpoint firewall... by Exodia Loves-to-Learn in Security & the Enterprise 05-24-2021 0 0	0	0
Huge amount of requests to LDAP Hi,we have splunk cluster with LDAP auth enabled. Authentication is working properly but we have an issue with huge a... by Dmitrii Explorer in Security & the Enterprise 05-12-2021 2 10	2	10
Assist with event breaker first time user of props.conf & transforms.conf I have a 2 fold question here, please look at the events below.1. I would like to break the events anytime the splun... by govardha Path Finder in Security & the Enterprise 05-07-2021 0 1	0	1
Send email notification/alert to different recipients based on search result Usually I specify the email recipients for the normal alerts like CPU usage...But here I am trying to send the email ... by swathiadireddy Loves-to-Learn Everything in Security & the Enterprise 04-01-2021 0 4	0	4
Monitor Ports of Universal Forwarders Hi everyone,Is there any way that I can configure my Universal Forwarders to monitor their respective open ports, and... by ch93 New Member in Security & the Enterprise 03-30-2021 0 1	0	1
Combine two data sources to display the results as column1 from the first data source and column2 from the second data I am trying to combine the both the data sources and display the results with columns Name, user-ID, email ID Note: u... by swathiadireddy Loves-to-Learn Everything in Security & the Enterprise 03-23-2021 0 9	0	9
Splunk app for hyperledger fabric I am trying to connect our hyperledger fabric blockchain network with splunk. I have installed the app in the splunk... by ginsp Observer in Security & the Enterprise 03-19-2021 0 0	0	0
Adding Heavy Forwarder disrupts data flow to/from all Forwarders Version: Splunk Enterprise 7.2.9.1 Problem: If I add a Forwarder, in this case a Heavy Forwarder -- all data flow to/... by SyntaxError Engager in Security & the Enterprise 03-01-2021 0 3	0	3
Admin Account I mistakenly changed my Admin to Power in Splunk Enterprise. Is there any way to change Power back to Admin? I hope t... by SeannF Engager in Security & the Enterprise 02-11-2021 0 1	0	1
Eval match value if port=3389 between 2 fields. Good morning to you all,In the same index I have 2 fields called port1 and port2.Port1 and Port2 can both have values... by swengroeneveld Explorer in Security & the Enterprise 02-09-2021 0 5	0	5
Splunk Enterprise and audits Hello everyone I am extremely new at using Splunk enterprise and i have been tasked with generating security audits..... by ochoa165 Explorer in Security & the Enterprise 01-20-2021 0 3	0	3
Splunk ES Content Management Enable All Setting up a new ES install and looking at Content Management. It looks like there are a lot of Disabled items, mostl... by mikefg Communicator in Security & the Enterprise 12-23-2020 0 2	0	2
index creation hii is there any way to set new index so that we should avoid space issue in future.Because of space issue migrated s... by dall Path Finder in Security & the Enterprise 12-23-2020 0 3	0	3
bucket rolling one of my index size is huge not rolling to next bucket?why not rolling and what to do on that ?? by dall Path Finder in Security & the Enterprise 12-18-2020 0 1	0	1
ES 6.4 Fresh Install I am working on a fresh install of ES 6.4. I already have a Splunk Ent environment with an indexer tier, apps, single... by mikefg Communicator in Security & the Enterprise 12-11-2020 0 3	0	3
Subscribe on updates Hi allI want to subscribe on Splunk updates via email.I found https://www.splunk.com/en_us/blog/subscribe.html page, ... by bosseres Contributor in Security & the Enterprise 11-18-2020 0 11	0	11
Baselining/Cluster Formation in Splunk The following is data (count) per Day of Year. We are trying to check if Splunk has any baselining/clustering as "avg... by a_custom_user Loves-to-Learn Lots in Security & the Enterprise 11-17-2020 0 0	0	0
Splunk as IPS Hi all,is there case where someone setup splunk as IPS maybe?For example, on alert X trigger script which will take f... by vmicovic2 Explorer in Security & the Enterprise 11-10-2020 0 5	0	5
combine 2 query hi ..i have 2 queries i want to join that 2 queries and get single result query1:index=" " Message="*VM_STATE_POWERIN... by dall Path Finder in Security & the Enterprise 09-24-2020 0 2	0	2