Security

Discussions

Thread Info

Is there a way to copy over existing users and their roles to new a Splunk instance?

I am building out a new instance of splunk on new servers. I want to know is their a way to port over the existing us...

by Explorer in

Why am I getting "Permission denied for attachment" in Gmail when using the Splunk Mobile App (Android) to share a report as an attachment?

Using the Splunk Mobile App (for Android), when I try to share a report via Gmail (send it as attachment), in Gmail I...

by Path Finder in

Can I set dynamic navigation menus by role?

Splunk enterprise version : 6.2.3 I'm using Django. ex) role - A menu navigation : A,B,C role - B menu navig...

by Explorer in

Is there a smart way to assign user owned private elements to a new owner?

Hi, We always run into the problem where people leave our organization, we delete their account in Splunk, but wan...

by Contributor in

Splunk Cloud IP range

Hi, We are in the process of moving from Splunk on premise to Splunk Cloud and we need to configure LDAPS authenti...

by Engager in

Capability to assign to user role to view and add data inputs

Hi, What is the capability to assign to a user role so that it is able to access and configure data inputs via "Ma...

by Path Finder in

How to make session cookies secure and httponly in Splunk 6.2.1?

We have splunk 6.2.1 running in our environment. As part of security review procedures, any dashboards we create need...

by Path Finder in

Why is our Splunk LDAP / Active Directory authentication not showing security groups?

We've inherited a Splunk deployment that is authenticating against Active Directory with LDAP. We can see users an...

by New Member in

Splunk Cloud user invitation login

Hello, I have been invited by my colleague as a user in Splunk Cloud, but I can not login with the link that I am ...

by Path Finder in

Delete the roles power and user

I define specific roles for each team. I don't particularly see a use for the Power or User roles. In fact, I find it...

by Contributor in

After mapping groups to roles configuring Splunk to allow LDAP authentication, why am I unable to log in with any of those users?

I'm trying to configure Splunk to allow LDAP authentication. I select "Configure Splunk to use LDAP and map groups" a...

by Path Finder in

How to issue splunk web cert using createssl

Hi there, I'm trying to use the native CA on my splunk server but reissue my splunk web cert for it to use a 2048 ...

by Explorer in

Does anyone know how and if I should remove unneeded server roles?

Dear All, I have a 5-server infrastructure set up, with one Search Head, Two Clustered Indexers, A Cluster Manager...

by Communicator in

If I have a Splunk instance that doesn't have direct internet access, what firewall rules are needed to check for new apps or product updates?

I have a splunk instance that doesn't have direct access to the Internet. I will need to open up a rule to allow traf...

by Path Finder in

Daily License Usage by Host

I want to see my daily usage but have it list by host instead of date.

by Engager in

How do I disable password change for a particular Splunk user via Splunk Web?

I know that we can disable password change for all Splunk users by running the following command on the Search Head: ...

by Engager in

Splunk CLI permissions and restrictions

Hi, We are administering Splunk for a number of groups. One of these groups is more splunk-sophisticated and has ...

by Path Finder in

Collecting logon/logoff logs from Active Directory and put them into Splunk

Hi all! My managment wants that we collect all logon and logoff attempts into Windows PCs. We have Active Director...

by Engager in

Configuring an LDAP group in Splunk 6.2.x, we're getting error "LDAP server warning:size limit exceeded". How do we increase the limit or fix this error?

When we were trying to configure a generic LDAP group, we got this error in Splunk 6.2.x: "LDAP server warning: si...

by Path Finder in

How do I define a user role that is able to restart splunk, but is not a full admin?

I am trying to define a user role that is able to restart splunk, but is not a full admin. Right now, the role inh...

by Path Finder in

How to protect Splunk login page from Brute force attacks? Is there a way to limit the number of failed login attempts per user?

I have to check if Splunk is compliant with the security rules at my company. I tried to login 10 times into Splunk w...

by New Member in

How can I force a specific ECDHE cipher to communicate with the Splunk web interface?

The cipherSuite parameter desired has been configured in $SPLUNK_HOME/etc/system/local/web.conf, but when I restart S...

by Splunk Employee in

How is the BindDN used for LDAP authentication (or: does BindDN need to be in each identified group?)

Hi there I've asked this question in two ways to hedge my bets as I'm trying to understand the mechanism for using...

by New Member in

As a Splunk front end user, would I be able to see why logs from certain locations on a server are available on Splunk but not from others?

From a particular Server, we are able to see logs on Splunk from certain locations, but for others, there are no logs...

by New Member in

Installing and running splunk as splunk user when user is in AD/LDAP

Couple of facts: I am installing Splunk from the source (*.tgz file).Our Splunk account is part of AD/LDAP A fe...

by Builder in

Get Updates on the Splunk Community!

Security

Discussions

Is there a way to copy over existing users and their roles to new a Splunk instance?

Why am I getting "Permission denied for attachment" in Gmail when using the Splunk Mobile App (Android) to share a report as an attachment?

Can I set dynamic navigation menus by role?

Is there a smart way to assign user owned private elements to a new owner?

Splunk Cloud IP range

Capability to assign to user role to view and add data inputs

How to make session cookies secure and httponly in Splunk 6.2.1?

Why is our Splunk LDAP / Active Directory authentication not showing security groups?

Splunk Cloud user invitation login

Delete the roles power and user

After mapping groups to roles configuring Splunk to allow LDAP authentication, why am I unable to log in with any of those users?

How to issue splunk web cert using createssl

Does anyone know how and if I should remove unneeded server roles?

If I have a Splunk instance that doesn't have direct internet access, what firewall rules are needed to check for new apps or product updates?

Daily License Usage by Host

How do I disable password change for a particular Splunk user via Splunk Web?

Splunk CLI permissions and restrictions

Collecting logon/logoff logs from Active Directory and put them into Splunk

Configuring an LDAP group in Splunk 6.2.x, we're getting error "LDAP server warning:size limit exceeded". How do we increase the limit or fix this error?

How do I define a user role that is able to restart splunk, but is not a full admin?

How to protect Splunk login page from Brute force attacks? Is there a way to limit the number of failed login attempts per user?

How can I force a specific ECDHE cipher to communicate with the Splunk web interface?

How is the BindDN used for LDAP authentication (or: does BindDN need to be in each identified group?)

As a Splunk front end user, would I be able to see why logs from certain locations on a server are available on Splunk but not from others?

Installing and running splunk as splunk user when user is in AD/LDAP

Cloud Platform & Enterprise: Classic Dashboard Export Feature Deprecation

Explore the Latest Educational Offerings from Splunk (November Releases)

New This Month in Splunk Observability Cloud - Metrics Usage Analytics, Enhanced K8s ...

Windows performance -Velocity SD Service Counters ...

Exporting ticket information from Mission Control

Use SSO and reverse proxy to skip the login page

Integrating LLM's into Splunk Dashboard

Enrich ES webhook event trigger alert with annotat...