Security

Discussions

Thread Info

Permission Denied when checking status of Splunk

I get these errors when trying to check the status of SPLUNK after a restart of the device: Pid file "/trvapps/splunk...

by Path Finder in

SSl Error saying the port number is wrong

Trying to connect from vendor UF to our indexer through configuring SSL certificate. We have enabled SSL on both side...

by Path Finder in

How do you check successful brute force logins?

Is there a better way to check sucessful brute force logins? raw event (this is a microsoft exchange web access lo...

by Communicator in

Securing Splunkweb (Free version)

Hi. It sounds completely inane to me to not have any authentication on the free splunkweb interface. I use splu...

by Path Finder in

logged in user temporarily drop a role

We are developing an app with dashboards which are only shown if the current user has certain Splunk roles, this role...

by Contributor in

How to add a new Active Directory group to an existing LDAP strategy?

We recently created a new group in Active Directory to support a new set of users we want to have access to splunk wi...

by Engager in

Can we access Splunk using a subsite configuration?

Hi, How can we configure splunk to be accessibla within a subsite, by exampleȘ https://something.com/subsite/.... ...

by New Member in

Monitoring communication between source and destination that use SSL or TLS

Hi. Which you know apps that can track communication between src and dest hosts that use SSL or TLS encryption proto...

by Builder in

Indexes are not available to select from "Available search indexes" during role creation since upgrade to 7.0.0

Since upgrading to splunk 7.0.0 I am not able to select our indexes from our indexcluster from "Available search inde...

by Explorer in

How to remediate when running testssl.sh against Splunk server reveals vulnerability to "Secure Client-Initiated Renegotiation"?

I ran the testssl.sh tool against my Splunk server and it came back saying that I was vulnerable to "Secure Client-In...

by Contributor in

Can I rename a user without deleting and recreating the user?

For my customers i have added multiple users to run searches and create dashboards. Now an users name has changed and...

by Engager in

View Contents of Authorize.conf from Web GUI

Hi All, I was wondering if someone could provide a search string that would list Users present within my Splunk Cl...

by Communicator in

Different data acceleration methods

Hello There are 3 methods for data acceleration, each method has specific constraints 1). Summary indexing - It...

by Explorer in

How can I restrict user access to write to an index?

Use of the collect command, or enabling summary indexing for a report, this feature allows a user/role to write to an...

by Path Finder in

Recommended permissions on /var/log for Splunk_TA_nix

Hi, Is there a recommended way of giving the Splunk TA sufficient privileges to read /var/log? Let me elaborate...

by Builder in

grant access to splunk

where to grant access ..in access control ? give me steps please give me detailed steps on how to gove splunk access ...

by Path Finder in

How to add a role to a user?

We have SHC and LDAP authentication. we have a role called "RoleA" and I want to add user "AAA" to that role. How can...

by Path Finder in

LDAP Authentication Manager Errors

Hi, I have a Splunk stand alone test system that I have successfully configured to use LDAP Authentication. Everyt...

by Explorer in

Custom application - Why can't I access some indexes unless I'm using an admin role?

Hello splunkers  I have a new issue and I'd like to have your opinion on this. I created a new custom application...

by Path Finder in

What setting can I change for a role to give them larger export capabilities?

I have a user whose search export results are capping at 10Mb ... But with the admin role I can export well beyond th...

by Contributor in

Top Labels

access control 71
audit 28
authentication 76
encryption 31
LDAP 25
login 44
other 116
permissions 46
SAML 23
SSL 68
SSO 18

Security

Discussions

Permission Denied when checking status of Splunk

SSl Error saying the port number is wrong

How do you check successful brute force logins?

Securing Splunkweb (Free version)

logged in user temporarily drop a role

How to add a new Active Directory group to an existing LDAP strategy?

Can we access Splunk using a subsite configuration?

Monitoring communication between source and destination that use SSL or TLS

Indexes are not available to select from "Available search indexes" during role creation since upgrade to 7.0.0

How to remediate when running testssl.sh against Splunk server reveals vulnerability to "Secure Client-Initiated Renegotiation"?

Can I rename a user without deleting and recreating the user?

View Contents of Authorize.conf from Web GUI

Different data acceleration methods

How can I restrict user access to write to an index?

Recommended permissions on /var/log for Splunk_TA_nix

grant access to splunk

How to add a role to a user?

LDAP Authentication Manager Errors

Custom application - Why can't I access some indexes unless I'm using an admin role?

What setting can I change for a role to give them larger export capabilities?

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.

Learn More or Register Now >

AOC for Splunk

What are methods to encript password under deploym...

DBconnect accessing SQL Diagnostic Manager every 3...

BAD REQUEST on loginType=splunk and SAML authentic...

Unable to connect to splunk enterprise AMI with de...

Security

Discussions

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20. Learn More or Register Now >

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.

Learn More or Register Now >