
Vulnerabilities

Pooja1
Loves-to-Learn Everything

Hi @richgalloway 

Good Day!!

How to fix the vulnerabilities in Splunk? Please guide me with some examples.

Thanks

0 Karma

yuanliu
SplunkTrust

Can you clarify your definition of "vulnerabilities in Splunk"?  If it is a known vulnerability that affects Splunk Enterprise, for example, Splunk will issue an update.  Your "fix" is to install that update. (This happened several times in the past half year.  It also happened with the 9.0 release.)  If the known vulnerability affects Splunk Cloud, the "fix" is to wait for Splunk to update the cloud.

If you are talking about vulnerabilities in your own applications identified by a specific Splunk product such as Splunk Security, each vulnerability will have its own remediation method.  There is no way to generalize. (Although products like Splunk Security may give you specific hints, recommendations, even procedures.)

0 Karma

Pooja1
Loves-to-Learn Everything

Hi Team,

How to consolidate the Thousand Eyes alert going to Splunk so we will monitor only one dashboard in Splunk? Please provide me the process/steps.


Thank you.

0 Karma

isoutamo
SplunkTrust

Hi

This is a community where volunteers give help and hints to others in their spare time. Please don’t tag any names when you are asking for help! If you need some help, try to describe your issues as clearly as possible and give us examples, sample data, your SPL etc., and remember we are volunteers who love to help other Splunk users, but we are not here to do your job!

r. Ismo

0 Karma

Pooja1
Loves-to-Learn Everything

Hi,

Thank you for your comment, and I got your point.

Can you please provide me the process/steps for the below question?
How to consolidate the Thousand Eyes alert going to Splunk so we will monitor only one dashboard in Splunk?


Thanks

0 Karma

isoutamo
SplunkTrust

Your question is still like "How can I build a car?". With this kind of information, no one outside of your organisation, which knows the installations and how those are deployed, can answer you correctly.

I propose that if you cannot go forward with Splunk documentation, then you should find some local Splunk partner or use Splunk Professional Services to go through this case with you. 

You could start with this https://lantern.splunk.com/Splunk_Platform/Getting_Started

0 Karma

yuanliu
SplunkTrust

This gets even more confusing.  What does monitoring something in one dashboard (as opposed to what?) have to do with "fixing (something) vulnerabilities" in the OP?  What does "consolidate" mean?  I begin to suspect that you are asking about some specialized Splunk app, not about Splunk security/Splunk vulnerability.

0 Karma