Security & the Enterprise

Much secured. So patch!

Discussions

Thread Info

Splunk Security Datasets Project

I wanted to access the Splunk Security Datasets Project. I signed up and got an email. But when i click on the link i...

by Engager in

Asking for advice: Things I wish I knew when I was entering Splunk SOC Teams

Hello all, I am looking for advice I am starting a new job soon.I have a bit of experience in the IT field around 3 y...

by Explorer in

Cyber Security

As an IT expert, how do you protect your privacy?

by Observer in

Splunk Security ES - Developer License

Wondering if anyone knows if it is possible to get a developer license to learn Splunk Security ES app? I seen some...

by New Member in

Phantom : email Msg file parser app does not extract URL embedded in images

The Outlook msg file parser app I am using to parse the email files stored in the vault works fine until an email wit...

by Explorer in

MLTK DensityFunction

What is the safe-range to increase limit of "DensityFunction" in MLTK ?Default value is 1024, the current requiremen...

by New Member in

Splunk Universal Forwarder vs. E5?

"Bobs Donuts Inc" recently went with CISCO AMP however did not realize this did not have a built-in endpoint firewall...

by Loves-to-Learn in

Huge amount of requests to LDAP

Hi, we have splunk cluster with LDAP auth enabled. Authentication is working properly but we have an issue with hug...

by Explorer in

Assist with event breaker first time user of props.conf & transforms.conf

I have a 2 fold question here, please look at the events below. 1. I would like to break the events anytime the sp...

by Path Finder in

Send email notification/alert to different recipients based on search result

Usually I specify the email recipients for the normal alerts like CPU usage... But here I am trying to send the ema...

by Loves-to-Learn Everything in

Monitor Ports of Universal Forwarders

Hi everyone, Is there any way that I can configure my Universal Forwarders to monitor their respective open ports, ...

by New Member in

Combine two data sources to display the results as column1 from the first data source and column2 from the second data

I am trying to combine the both the data sources and display the results with columns Name, user-ID, email ID N...

by Loves-to-Learn Everything in

Splunk app for hyperledger fabric

I am trying to connect our hyperledger fabric blockchain network with splunk. I have installed the app in the splunk...

by Observer in

Adding Heavy Forwarder disrupts data flow to/from all Forwarders

Version: Splunk Enterprise 7.2.9.1 Problem: If I add a Forwarder, in this case a Heavy Forwarder -- all d...

by Engager in

Admin Account

I mistakenly changed my Admin to Power in Splunk Enterprise. Is there any way to change Power back to Admin? I hope t...

by Engager in

Eval match value if port=3389 between 2 fields.

Good morning to you all, In the same index I have 2 fields called port1 and port2.Port1 and Port2 can both have val...

by Explorer in

Splunk Enterprise and audits

Hello everyone I am extremely new at using Splunk enterprise and i have been tasked with generating security audits.....

by Explorer in

Splunk ES Content Management Enable All

Setting up a new ES install and looking at Content Management. It looks like there are a lot of Disabled items, mostl...

by Communicator in

index creation

hii is there any way to set new index so that we should avoid space issue in future. Because of space issue migr...

by Path Finder in

bucket rolling

one of my index size is huge not rolling to next bucket? why not rolling and what to do on that ??

by Path Finder in

ES 6.4 Fresh Install

I am working on a fresh install of ES 6.4. I already have a Splunk Ent environment with an indexer tier, apps, single...

by Communicator in

Subscribe on updates

Hi all I want to subscribe on Splunk updates via email. I found https://www.splunk.com/en_us/blog/subscribe.html ...

by Contributor in

Baselining/Cluster Formation in Splunk

The following is data (count) per Day of Year. We are trying to check if Splunk has any baselining/clustering as "avg...

by Loves-to-Learn Lots in

Splunk as IPS

Hi all, is there case where someone setup splunk as IPS maybe? For example, on alert X trigger script which will ...

by Explorer in

combine 2 query

hi .. i have 2 queries i want to join that 2 queries and get single result query1: index=" " Message="*VM_STAT...

by Path Finder in

Get Updates on the Splunk Community!

Security & the Enterprise

Discussions

Splunk Security Datasets Project

Asking for advice: Things I wish I knew when I was entering Splunk SOC Teams

Cyber Security

Splunk Security ES - Developer License

Phantom : email Msg file parser app does not extract URL embedded in images

MLTK DensityFunction

Splunk Universal Forwarder vs. E5?

Huge amount of requests to LDAP

Assist with event breaker first time user of props.conf & transforms.conf

Send email notification/alert to different recipients based on search result

Monitor Ports of Universal Forwarders

Combine two data sources to display the results as column1 from the first data source and column2 from the second data

Splunk app for hyperledger fabric

Adding Heavy Forwarder disrupts data flow to/from all Forwarders

Admin Account

Eval match value if port=3389 between 2 fields.

Splunk Enterprise and audits

Splunk ES Content Management Enable All

index creation

bucket rolling

ES 6.4 Fresh Install

Subscribe on updates

Baselining/Cluster Formation in Splunk

Splunk as IPS

combine 2 query

Aligning Observability Costs with Business Value: Practical Strategies

Mastering Data Pipelines: Unlocking Value with Splunk

Splunk Up Your Game: Why It's Time to Embrace Python 3.9+ and OpenSSL 3.0

Security & the Enterprise

Are you a member of the Splunk Community?

Discussions