Security

Community Activity

	Field Extraction Using Tranforms Configration Hello,I have some issues to perform field extractions using transform configuration. It's not giving field value pair... by SplunkDash Motivator in Security 11-18-2023 0 2	0	2
	Report that shows login failure events occurred on the previous day grouped by source user Hello, I need to generate the below report, can someone help please? thank you!! format: .csv List of events: authent... by GIA Path Finder in Security 11-17-2023 0 7	0	7
	Splunk tag permission error I've Admin rights and when I click on any tag permission (Settings --> tags), I get the following error:The requested... by SorayyaK Loves-to-Learn in Security 11-16-2023 0 0	0	0
	How do i re-ingest data from a particular source? I had a missing data from a certain date and time range. How would i re-ingest the data into splunk from a UF. Belo... by sathiyasun Explorer in Security 11-15-2023 0 1	0	1
	Forgot Pass4symmKey Hi All, Is their any way to decrypt splunk encrypted-pass4symmkey or else will splunk team support for the plain text... by nerelluk New Member in Security 11-15-2023 0 27	0	27
	_time is 6hrs behind but the event time is real time. I have this props.conf TIME is almost 6hrs off from the event time. Below is my props.[app_log]CHARSET=UTF-8LINE_BREA... by sathiyasun Explorer in Security 11-14-2023 0 1	0	1
	Indexers and HF to License Master SSL Enablement Hi Team,At present, SSL encryption is enabled between the Universal Forwarder (UF) and the Heavy Forwarder (HF), whil... by VK18 Explorer in Security 11-14-2023 0 2	0	2
	Splunk Cloud MFA with Google Authenticator Hi All,For the current version of Splunk Cloud, does it allow the integration with Google Authenticator for Multi-Fac... by ChrisValibia Loves-to-Learn Lots in Security 11-13-2023 0 1	0	1
	How do you renew webserver certificate for Splunk systems? Each server has a webserver certificate issued to their name. These certificates are expiring soon. We need to 1. R... by rsantoso_splunk Splunk Employee in Security 11-11-2023 0 4	0	4
	Security reference how to secure data inbound to splunk from a monitored device Hi Folks, I'm looking for a document that will help me understand my options for ensuring the integrity of data inbou... by Erbrown Observer in Security 11-08-2023 0 1	0	1
	Unable to Setup SAML with Custom IDP [Unsupported signature algorithm] Hi all,I am trying to set up SAML with my Custom IDP but Splunk is returning an Unsupported algorithm error even if t... by sarwan123 New Member in Security 11-07-2023 0 0	0	0
	Configuring Google IDP SAML for Group membership based SSO? Hi, I am trying to use our Google Idp (Google workspace) to enable SSO on our Splunk. I followed this link and it... by aamer86 Path Finder in Security 11-03-2023 0 1	0	1
	Data Masking Kindly help on how to mask the password present in the field "securityToken" in the IIS logs. Sample event for refer... by anandhalagaras1 Contributor in Security 11-03-2023 0 7	0	7
	Run of playbook on bulk events Hi all,I have a large number of events that have been ingested into SOAR from a Service Now queue.A large amount of t... by ThomasC New Member in Security 11-02-2023 0 0	0	0
	LDAP authentication: mapping empty groups Hi at all,I have to use in Splunk Enterprise an external authentication using LDAP.I'm mapping roles with AD groups.I... by gcusello SplunkTrust in Security 11-02-2023 0 3	0	3
	how do I check if a lookup table get updated with any output lookup command I have lookup table in splunk.I want check if ever been update in Splunk using output lookup command by karu0711 Communicator in Security 10-31-2023 0 1	0	1
	When enabling sslVerifyServerName for kvstore, the KVStore will not start? We are trying to implement the guidelines for enabling TLS Hostname verification (Configure TLS certificate host name... by HumanPrinter Explorer in Security 10-26-2023 0 2	0	2
	Token vs Username+Passphrase for REST API to Dedicated API User Hi!I am wondering whether there are any advantage to use token over username and passphrase/password when accessing R... by arifsaha Observer in Security 10-24-2023 0 1	0	1
	User not populating after onboarding LDAP and mapping AD groups to member roles Hi,I have onboarded my Splunk to the LDAP and subsequently mapped the AD group to the respective roles in Splunk. How... by MmxZero New Member in Security 10-23-2023 0 0	0	0
	regex to pull cn fields Hey everyone, I have this format - cn=<name>,ou=<>,ou=people,dc=<>,dc=<>,dc=<> that i'm pulling that i need to use o... by spluser1 Loves-to-Learn in Security 10-19-2023 0 5	0	5
	Splunk ES fortinet new source Hello,I was given the administration of a Splunk Enterprise Security and I am not familiarized, I have always used ma... by splunkcol Builder in Security 10-18-2023 0 1	0	1
	modify the saved splunk Alert using api looking for help in editing the saved Alert query using the api/curl .i would like to change the pod_count 9 to 12 . ... by venugoski Explorer in Security 10-16-2023 0 1	0	1
	Example data/incidents for ES Hello Team,I have my training Splunk instance with ES 7.1.I have used it for training and experiments. Question: is t... by MichalG1 Path Finder in Security 10-15-2023 0 4	0	4
	Does Splunk UF agent 9.0.1 supports AWS Linux 3 Does Splunk UF agent 9.0.1 supports AWS Linux 3? by Dhivakarpn Loves-to-Learn Lots in Security 10-09-2023 0 7	0	7
	Settings &manage app settings options I have created test user and assigned to viwer role, my requirements is to hide the settings & manage setting opti... by vijreddy30 Loves-to-Learn Everything in Security 10-05-2023 0 1	0	1