Security

Community Activity

Need to regenerate SSL Cert for SplunkWeb Hi guys, My SplunkWeb SSL Certificate is set to expire tomorrow. I'd like to renew it or regenerate a new one. ... by balbano Contributor in Security 01-31-2017 1 3	1	3
Receiving SSL data into a forwarder - ISAM9 request_syslogs to Splunk forwarder IBM Security Access Manager v9 build 9.0.1.0 * There is a bug which doesn't allow syslog to be sent of UDP, but TLS-T... by rewritex Contributor in Security 01-31-2017 0 4	0	4
How to find the Splunk application type in the navigation menu? How can I find out, if I am using Splunk Entrprise, Cloud etc without asking the Splunk admin ? I use the weburl on p... by pradjswl Explorer in Security 01-26-2017 0 3	0	3
How do I disable the display of release messages on login page? Having the release update notes on the log in page of splunk is nice however it is a security risk as well. An attack... by mctester Communicator in Security 01-26-2017 0 2	0	2
Specifying multiple LDAP static group filters Is there a way to specify multiple group search filters for multiple groups? Currently we have this (sAMAccountName =... by aaronkorn Splunk Employee in Security 01-25-2017 1 3	1	3
Force Splunk to use TLS 1.2 Hello, All of our Splunk infrastructure utilises our in house PKI for Splunk to Splunk communication. Moving forward... by cam343 Path Finder in Security 01-24-2017 0 3	0	3
Is Mongodb vulnerable to outside manipulation? I came across several reports where MongoDB installations are being targeted in malware attacks. How can verify tha... by scottrunyon Contributor in Security 01-21-2017 0 5	0	5
SAML and SSO Has anyone implemented SSO using SAML v2 like how it's outlined in the following blog? http://blogs.splunk.com/2013/0... by bsub Engager in Security 01-20-2017 2 1	2	1
How to bypass SSO when a user as never logged in Splunk? Hi, I enabled SSO for Splunk which works almost fine. I found a very annoying behavior with SSO. If a new user has ... by madsurfer Explorer in Security 01-20-2017 0 3	0	3
Splunk SSO change - no longer works. Hey Everyone. Been running splunk behind an apache proxy with NTLM for awhile. (Same host). Today, I decided to mov... by jgauthier Contributor in Security 01-20-2017 0 6	0	6
Why am I unable to log in to Splunk Enterprise? Hi, I've just installed Splunk Enterprise and when I try to log in for the first time by clicking on 'Launch browser... by Dolley87 New Member in Security 01-20-2017 0 4	0	4
How to change the default role when creating a new user? By default when a new user is created, the role of "user" is auto assigned to them. I would like to add another defau... by ejharts2015 Communicator in Security 01-17-2017 0 8	0	8
How can I make sure a role setting takes precedence over other role settings? I have a user that belongs to a few roles that use LDAP for auth. These roles have srchMaxTime set to 600. I need to ... by twinspop Influencer in Security 01-14-2017 0 2	0	2
I am trying to get URLs out of logs in Splunk. I am getting an error. my regex query is : xxx.xx.xxx.xxx\|regex = (http(s)?:(\/\/)?(w{3}.)?[-a-zA-Z0-9@:%.+~#=]{2,256}(.[a-z]{2,256})?\b([-a... by infosecowl New Member in Security 01-13-2017 0 2	0	2
How to view oldest and last login of Splunk users? For auditing and administration purposes I was trying to get a fast listing of first/last login times of all Splunk u... by tweaktubbie Communicator in Security 01-13-2017 0 3	0	3
AD Group to Splunk role map conf file Hi ALL, Where in server ( conf file - NOT UI ) can I check the AD Group to Roles mapping? I can see this entire 200... by Harishma Communicator in Security 01-13-2017 0 1	0	1
SAML: If a user belongs to several groups in LDAP and they fit several mappings, do they inherit multiple roles in Splunk 6.5.0? What happens if a user belongs to several groups in the LDAP and then this user fits in several mappings, does this u... by ofaura Path Finder in Security 01-13-2017 0 3	0	3
Tracking file system permission changes with fschange I got fschange to track when a file is added/modified/deleted, but I am having trouble tracking permission changes. I... by dpanych Communicator in Security 01-12-2017 0 4	0	4
Restrict Users to Search Specific Indexes Hi, I wonder whether someone could help me please. I have a number of teams who have Splunk apps which contain the '... by IRHM73 Motivator in Security 01-12-2017 0 4	0	4
SplunkJS SDK: Getting error "Request header field X-Splunk-Form-Key is not allowed by Access-Control-Allow-Headers" after migrating to 6.5.x Hi all, I have a custom web page calling Splunk services using SplunkJS SDK. After migrating to 6.5, the page start... by mgarciar Path Finder in Security 01-11-2017 0 1	0	1
ES (Enterprise Security) \| Correlation Searches \| Cannot Remove Hi - Am having problems removing a "correlation search". Have tried this via the SE UI from inside the editor and wi... by aportela_work Explorer in Security 01-10-2017 1 6	1	6
Limit user access to view dashboard only Is there a way to limit a user's role to only view specific dashboard and nothing else? So when the user logins they... by andrwbn Engager in Security 01-10-2017 2 1	2	1
How to customize or change the default footer in Splunk Web? hi. please see picture below to understand fine what i want. how can i do it in splunk?? thank. by fdi01 Motivator in Security 01-10-2017 5 3	5	3
how to restrict user to view only a specific dashboard? Hi, I have 2 dashboards: dashboard1 & dashboard 2 and 2 users: user1 & user2 and both dashboards are in one app APP.... by manjuase Explorer in Security 01-09-2017 0 2	0	2
Different Performance using admin user or a user with only user role Hi, I have different Performance using admin user and a user with only user role. The query is very simple, below t... by aniello_cerrato Path Finder in Security 01-09-2017 0 3	0	3