Security

Ask a Question

Discussions

Thread Info

Is it possible to have eventtypes for user authentication with different events?

Is it possible to have eventtypes for user authentication with different events? I am working on a TA for Aruba us...

by Path Finder in

Securing indexed files: If someone could access the index directory and make changes in a journal.gz, what would happen?

Hi I was wondering, if someone could access the index directory and make some changes in a journal.gz, what is it ...

by Explorer in

What else can you do with 'edit_scripted' capability??

I have found that the capability 'edit_scripted' is required in order to use "runshellscript" This apparently is u...

by Path Finder in

Splunk 6.3 Just loaded S.o.S so why am getting "empty splunk_forwarders_cache.csv" file warnings?

I just loaded a brand new instance of Splunk Enterprise 6.3. I also loaded the Splunk S.o.S 3.2.1 app. While monitori...

by Builder in

Is it possible to grant a user access to a Splunk dashboard without any credentials or a default login as a guest user?

Is it possible to grant access to a splunk dashboard without any credentials (or) by default login as guest/guest use...

by New Member in

Spunk Mobile Access Server Displays Invalid APN

I have checked the firewall connections and i am able to connect to the apple push notification service. The only thi...

by New Member in

Splunk Cluster - AD Auth - SSO

Building my first Splunk cluster for lab. All hosts CentOS6 with full AD (kerberos) integration but wanting to add AD...

by Explorer in

Does the app permission overrule all other permissions of app content?

Hi, does the app permission always overrule all other permissions for content created in that app? Let's say th...

by Motivator in

Splunk 6.3 on Fedora 22 can't connect to Splunk Web http://splunkserver:8000

Ok, I'm new to Splunk and new to unix.. I never thought I would miss Windows server but I do. Anyway, I'm trying to l...

by Path Finder in

Change Logo on Login Screen

In an older version of Splunk I was able to change the "logo-mrsparkle.png" file to my logo and restart splunk and my...

by Path Finder in

Why does the DMC setup fail when the admin account is renamed or deleted?

The DMC general setup does not work if you delete or rename the admin account (e.g. via user-seed.conf). http://do...

by Path Finder in

DBX user capabilities for DB Connect 1 unclear

Having a Splunk server with DB Connect 1 on a heavy forwarder (not a searchhead or indexer), I intend to give DBA's F...

by Communicator in

Error with Splunk DB Connect plugin

Hi everyone, I'm trying to run a query in the app Splunk DB Connect but it always returns : Error in 'script': ...

by Engager in

How to use srchFilter to anonymize data based on role?

Haros my friends! I would like to anonymize sensitive data at search-time but, only for certain roles and without ...

by Builder in

Card Entry Access Data

Has anyone successfully indexed access data from a swipe card entry system? Specifically Honeywell. I understand this...

by Path Finder in

Get current username from SplunkJS

In a HTML dashboard, how can I determine the username of the current user? I tried this, but it seems like there s...

by Communicator in

[Errono: 10013] An attempt was made to access a socket in a way forbidden by its access permissions

When the Splunkd service is started, I receive the above error from the CEPA HTTP Server. I am on a Windows 2008 m...

by Engager in

Splunk Web Third party certificate is not working

1) I created private key SDWSearch.key 2) Removed password is removed from key 3) Generated SDWSearch csr 4...

by Path Finder in

Is it possible to force TLS version when using LDAPS for authentication?

Due to some old equipment in our environment, we need to use TLS 1.0 or 1.1 for our AD authentication. Splunk seems t...

by New Member in

Where are users' roles stored, or how can I copy users' roles from one Splunk instance to another?

I followed the instructions in this answer (and their comments too) but I can't copy the user's roles from one Splunk...

by Path Finder in

How to check if a stanza is enabled / disabled / deleted by the user from the GUI through java modular input?

Developing an add-on using the Splunk Java SDK, how to check if a stanza is enabled / disabled / deleted by the user ...

by New Member in

PassAuth not working in Splunk 6.2

I am writing a script were I need to pass authentication to access storage password. I update the commands.conf and a...

by Path Finder in

Why can only admin level users run the iplocation command when this wasn't an issue before?

For some reason, users with less than admin privileges in Splunk can no longer run iplocation based searches or see d...

by Path Finder in

When trying to apply my new SSL certificate to Splunk Web and restart, why does it just hang and the web server won't start?

Hi there, When I try to apply my newly acquired SSL certificate to Splunk Web then restart, it just hangs and won'...

by Communicator in

Mobile Access Server APN and GCM did not work! Communicate via proxy not configurable?

Hello all, We did install the Mobile Access Server on a Linux system. It's in our DMZ behind a firewall. The push ...

by Path Finder in

Get Updates on the Splunk Community!

Security

Discussions

Is it possible to have eventtypes for user authentication with different events?

Securing indexed files: If someone could access the index directory and make changes in a journal.gz, what would happen?

What else can you do with 'edit_scripted' capability??

Splunk 6.3 Just loaded S.o.S so why am getting "empty splunk_forwarders_cache.csv" file warnings?

Is it possible to grant a user access to a Splunk dashboard without any credentials or a default login as a guest user?

Spunk Mobile Access Server Displays Invalid APN

Splunk Cluster - AD Auth - SSO

Does the app permission overrule all other permissions of app content?

Splunk 6.3 on Fedora 22 can't connect to Splunk Web http://splunkserver:8000

Change Logo on Login Screen

Why does the DMC setup fail when the admin account is renamed or deleted?

DBX user capabilities for DB Connect 1 unclear

Error with Splunk DB Connect plugin

How to use srchFilter to anonymize data based on role?

Card Entry Access Data

Get current username from SplunkJS

[Errono: 10013] An attempt was made to access a socket in a way forbidden by its access permissions

Splunk Web Third party certificate is not working

Is it possible to force TLS version when using LDAPS for authentication?

Where are users' roles stored, or how can I copy users' roles from one Splunk instance to another?

How to check if a stanza is enabled / disabled / deleted by the user from the GUI through java modular input?

PassAuth not working in Splunk 6.2

Why can only admin level users run the iplocation command when this wasn't an issue before?

When trying to apply my new SSL certificate to Splunk Web and restart, why does it just hang and the web server won't start?

Mobile Access Server APN and GCM did not work! Communicate via proxy not configurable?

Cloud Platform & Enterprise: Classic Dashboard Export Feature Deprecation

Explore the Latest Educational Offerings from Splunk (November Releases)

New This Month in Splunk Observability Cloud - Metrics Usage Analytics, Enhanced K8s ...

Windows performance -Velocity SD Service Counters ...

Exporting ticket information from Mission Control

Use SSO and reverse proxy to skip the login page

Integrating LLM's into Splunk Dashboard

Enrich ES webhook event trigger alert with annotat...