Security

Community Activity

Universal Forwarder Technology Add-On Dear Team,I installed enterprise security on the search head and downloaded Splunk_TA_ForIndexer from ES General sett... by Mohamad_Alaa Path Finder in Security 11-26-2023 0 15	0	15
I need help locating the Logbinder logs paths that are actively used. I was told I can find the list using Splunk's TA I need help locating the Logbinger log paths that are actively used in some of our servers. I was told I can find the... by GIA Path Finder in Security 11-24-2023 0 4	0	4
Creating new custom roles Hello,I manage Splunk hybrid (cloud SH, on-premise DS, HF etc). I have task to create custom roles and R-B-A-C.I have... by Jack90 Explorer in Security 11-24-2023 0 4	0	4
Methods for Obtaining REST API via Proxy in Splunk Add-on Builder I attempted to retrieve REST API in a proxy environment using Splunk Add-on Builder, but was unsuccessful. The proxy ... by yd-kawano Loves-to-Learn Lots in Security 11-23-2023 0 0	0	0
Verifying Secure Communication between forwarders and indexers I recently enabled SSL connection between forwarders and indexers. When I check the metrics log for a UF with SSL ena... by anoopdi Path Finder in Security 11-21-2023 2 6	2	6
Is there some permission I can assign to users to allow them to upload images without asking an admin/power user? https://docs.splunk.com/Documentation/DashApp/0.9.0/DashApp/chartsImage When you upload an image, it is stored in the... by jonaclough Path Finder in Security 11-20-2023 0 5	0	5
Getting error "unsupported certificate" when configuring TLS on management port 8089 Hi all,I'm trying to configure SSL certificate for management port 8089 on Manager Node and Indexers.In file $SPLUNK_... by DaisyNguyen Loves-to-Learn Lots in Security 11-19-2023 0 1	0	1
Field Extraction Using Tranforms Configration Hello,I have some issues to perform field extractions using transform configuration. It's not giving field value pair... by SplunkDash Motivator in Security 11-18-2023 0 2	0	2
Report that shows login failure events occurred on the previous day grouped by source user Hello, I need to generate the below report, can someone help please? thank you!! format: .csv List of events: authent... by GIA Path Finder in Security 11-17-2023 0 7	0	7
Splunk tag permission error I've Admin rights and when I click on any tag permission (Settings --> tags), I get the following error:The requested... by SorayyaK Loves-to-Learn in Security 11-16-2023 0 0	0	0
How do i re-ingest data from a particular source? I had a missing data from a certain date and time range. How would i re-ingest the data into splunk from a UF. Belo... by sathiyasun Explorer in Security 11-15-2023 0 1	0	1
Forgot Pass4symmKey Hi All, Is their any way to decrypt splunk encrypted-pass4symmkey or else will splunk team support for the plain text... by nerelluk New Member in Security 11-15-2023 0 27	0	27
_time is 6hrs behind but the event time is real time. I have this props.conf TIME is almost 6hrs off from the event time. Below is my props.[app_log]CHARSET=UTF-8LINE_BREA... by sathiyasun Explorer in Security 11-14-2023 0 1	0	1
Indexers and HF to License Master SSL Enablement Hi Team,At present, SSL encryption is enabled between the Universal Forwarder (UF) and the Heavy Forwarder (HF), whil... by VK18 Explorer in Security 11-14-2023 0 2	0	2
Splunk Cloud MFA with Google Authenticator Hi All,For the current version of Splunk Cloud, does it allow the integration with Google Authenticator for Multi-Fac... by ChrisValibia Loves-to-Learn Lots in Security 11-13-2023 0 1	0	1
How do you renew webserver certificate for Splunk systems? Each server has a webserver certificate issued to their name. These certificates are expiring soon. We need to 1. R... by rsantoso_splunk Splunk Employee in Security 11-11-2023 0 4	0	4
Security reference how to secure data inbound to splunk from a monitored device Hi Folks, I'm looking for a document that will help me understand my options for ensuring the integrity of data inbou... by Erbrown Observer in Security 11-08-2023 0 1	0	1
Unable to Setup SAML with Custom IDP [Unsupported signature algorithm] Hi all,I am trying to set up SAML with my Custom IDP but Splunk is returning an Unsupported algorithm error even if t... by sarwan123 New Member in Security 11-07-2023 0 0	0	0
Configuring Google IDP SAML for Group membership based SSO? Hi, I am trying to use our Google Idp (Google workspace) to enable SSO on our Splunk. I followed this link and it... by aamer86 Path Finder in Security 11-03-2023 0 1	0	1
Data Masking Kindly help on how to mask the password present in the field "securityToken" in the IIS logs. Sample event for refer... by anandhalagaras1 Contributor in Security 11-03-2023 0 7	0	7
Run of playbook on bulk events Hi all,I have a large number of events that have been ingested into SOAR from a Service Now queue.A large amount of t... by ThomasC New Member in Security 11-02-2023 0 0	0	0
LDAP authentication: mapping empty groups Hi at all,I have to use in Splunk Enterprise an external authentication using LDAP.I'm mapping roles with AD groups.I... by gcusello SplunkTrust in Security 11-02-2023 0 3	0	3
how do I check if a lookup table get updated with any output lookup command I have lookup table in splunk.I want check if ever been update in Splunk using output lookup command by karu0711 Communicator in Security 10-31-2023 0 1	0	1
When enabling sslVerifyServerName for kvstore, the KVStore will not start? We are trying to implement the guidelines for enabling TLS Hostname verification (Configure TLS certificate host name... by HumanPrinter Explorer in Security 10-26-2023 0 2	0	2
Token vs Username+Passphrase for REST API to Dedicated API User Hi!I am wondering whether there are any advantage to use token over username and passphrase/password when accessing R... by arifsaha Observer in Security 10-24-2023 0 1	0	1