Security

Community Activity

Splunk web to work on https Hello Splunkers!!I want to work Splunk on https. I am using windows server.How to generate certificate in Splunk and ... by uagraw01 Motivator in Security 04-12-2024 0 4	0	4
New "role" cannot be added to any users due to "is not grantable"; how to make roles "grantable"? I am adding a new role to allow analysts to access the Monitoring Console. I believe that the minimum set of capabili... by woodcock Esteemed Legend in Security 04-12-2024 1 8	1	8
Why is assets_by_cidr.csv lookup file empty? As I was going through the Asset and Identity Management manual, I couldn't see anything related to how to enrich the... by EssKay Engager in Security 04-11-2024 0 1	0	1
How to troubleshoot why we are unable to log in to Splunk Web? We are not able to log in to Splunk Web. We are able to log in on Box putty with the same username and password, but ... by sahils New Member in Security 04-10-2024 0 6	0	6
Port Documentation We have a standalone install which has to follow specific guidance and documentation. Without getting much into thing... by dcsteve24 Explorer in Security 04-05-2024 0 2	0	2
Removal of the confidential data Hello Splunkers!!Below are the sample events I have in which I want to mask UserID field and Password field. There is... by uagraw01 Motivator in Security 04-05-2024 0 3	0	3
Issue with excluding a decoded base64 command I have been working on decoding a base64 encoded command using the decrypt2 app. I have successfully decoded the stri... by vnarahari Loves-to-Learn Lots in Security 04-03-2024 0 2	0	2
searches skipped in the last 24hours. 500 internal server error. insufficient permission to access this resource when i try running a search on my Splunk enterprise in the search and reporting app i get the "insufficient permissio... by mfonisso Explorer in Security 04-02-2024 0 4	0	4
Hiding Splunk bar Dear Splunkers, My goal is to expose only some dashboards to external customer. Created a dedicated role and user wi... by slipinski Path Finder in Security 03-26-2024 0 3	0	3
Whats the vulnerability or risk of enabling automatic chart recovery in the analytics workspace ? I noticed in the hardening standards it states, "Disable automatic chart recovery in the analytics workspace. See Cha... by dm1 Contributor in Security 03-26-2024 1 1	1	1
How to Splunk Data Sentinel SIEM Migration \| 나머지 splunk_server=로컬 개수=0 /services/saved/searches \| 검색 비활성화=0 \| 표 제목,검색,* Splunk Web Search 쿼리를 사용하여 Json File을 사용... by Dom New Member in Security 03-21-2024 0 0	0	0
[systemd] splunk start keeps on asking to enter password I am running 7.3.3 using systemd and running into issues with running splunk restart as splunk user. I ran "splunk en... by sylim_splunk Splunk Employee in Security 03-20-2024 0 7	0	7
TLS Connection secure with hostname but not with IP I recently received CA Certificates from my Organization´s PKI Team.In CSR, I provided Server Hostname in CN and SAN ... by krutika_ag Path Finder in Security 03-15-2024 0 2	0	2
Combine data from multiple sourcetypes I have two sourcetypes containing login information and user informationSourcetype1: Login information (useful parama... by olaskallberg Loves-to-Learn Everything in Security 03-15-2024 0 19	0	19
Vulnerabilites Hi @richgalloway Good Day!!How to fix the vulnerabilities in Splunk? Please guide me with some example.Thanks by Pooja1 Loves-to-Learn Everything in Security 03-15-2024 0 6	0	6
how to create Actions from Acrtifact? HI,I would like to know how can I create a new filter by field like "slack channel name" / phantom artifact id? how i... by Shakira1 Explorer in Security 03-12-2024 0 0	0	0
Is pass4symmkey a critical security option for indexer clustering? Hi all,I have seen that pass4symmkey is optional when enabling indexer clustering. Some say that if someone knows thi... by sigma Path Finder in Security 03-11-2024 0 1	0	1
Edit Notable Event Name When we create a notable, we want to use certain fields such as source IP and destination IP, When I create the rule ... by Nawab Communicator in Security 03-11-2024 0 8	0	8
admin account from Users disappeared Hi Team,I'm currently using Version 8.2.10 and encountered an issue today. It seems that my admin account has disappe... by mgl82 Engager in Security 03-09-2024 0 1	0	1
STIG requires file permissions, ownership, and group membership of system files and commands match the vendor value I am having trouble clearing a STIG that requires file permissions, ownership, and group membership of system files a... by jmrubio Path Finder in Security 03-01-2024 0 1	0	1
TLS certificate host name validation on Universal Forwarder Hello,I have Splunk distributed deployment (cca 20 servers + cca 100 UFs). On servers, I configured SSL encryption of... by lukasmecir Path Finder in Security 03-01-2024 0 2	0	2
Authentication.conf files Hello, I am new to splunk and noticed we have two different authentication.conf files in the local folder. I compare... by Orange_girl Loves-to-Learn Everything in Security 03-01-2024 0 4	0	4
Dashboards fetched from REST Command Hi All,I am fetching dashboards using REST Command \| rest /servicesNS/-/-/data/ui/views Not all the dashboards return... by Poojitha Communicator in Security 02-28-2024 0 1	0	1
I need a query to get the new created use cases for the last 7 days I need a query to get the new created use cases in the last 7 days and another query to get the fine tuned use cases ... by yazeed New Member in Security 02-28-2024 0 4	0	4
unable to update SSL certificate -Cannot decrypt private key -Splunk 9.0.0 Hi Everyone,We're in the process of updating the SSL certificates on our Splunk servers. However, when attempting the... by saibargavg Loves-to-Learn Lots in Security 02-28-2024 0 1	0	1