Security

Is it possible to lock a Splunk user account on failed logins?

sc0tt
Builder

Is it possible to lock a Splunk user account if there are multiple failed login attempts? I've created an alert for such events, but was wondering if there was a way to lock an account as well.

Tags (4)
0 Karma

m4him7
Path Finder

We use LDAP lookup which will lock the domain account based on your policy.

khyoung7410
Communicator

Is there any other way besides LDAP?

0 Karma

sc0tt
Builder

Thanks, we don't have LDAP set up but it seems it may be the only way to accomplish this.

0 Karma
Get Updates on the Splunk Community!

Preparing your Splunk Environment for OpenSSL3

The Splunk platform will transition to OpenSSL version 3 in a future release. Actions are required to prepare ...

Deprecation of Splunk Observability Kubernetes “Classic Navigator” UI starting ...

Access to Splunk Observability Kubernetes “Classic Navigator” UI will no longer be available starting January ...

Now Available: Cisco Talos Threat Intelligence Integrations for Splunk Security Cloud ...

At .conf24, we shared that we were in the process of integrating Cisco Talos threat intelligence into Splunk ...