Security

Community Activity

When will Splunk address the OpenSSL vulnerability issue (CVE-2014-0224, CVE-2014-0195, and CVE-2014-0198; OpenSSL <1.0.1h)? Splunk 6.1.1 is linked against OpenSSL 1.0.1g which has some security flaw (CVE-2014-0224, CVE-2014-0195, and CVE-201... by fbachabi Engager in Security 06-13-2014 0 2	0	2
auditing password changes Hi, Is there any record of when a password is changed for user accounts? I need to audit it for a security request. by a212830 Champion in Security 06-12-2014 1 1	1	1
Restricting access to an index I am trying to restrict access for a specific access. (Splunk 5.05) In the case below I don't want the power users t... by rmorlen Splunk Employee in Security 06-12-2014 0 4	0	4
admin account lockout Today we were unable to login to our splunk instance using the admin account. Had to reset the account using this pro... by anoopambli Communicator in Security 06-12-2014 0 2	0	2
Running Splunk 6.1.1 as non-privileged user, having issues Hi all. I am preparing for a production install of Splunk 6.1.1 (new install, 2 IDX, 2 SH w/ SHP, DS/License server ... by dhorn Path Finder in Security 06-11-2014 1 3	1	3
How do I reload authentication from CLI? My LDAP groups membership lists change often. I need a way to programmatically tell Splunk to reload authentication.... by the_wolverine Champion in Security 06-10-2014 3 2	3	2
SSO with Apache proxy server and when redirected to Splunk login page from proxy, it only shows "Loading..." I have enabled SSO login to Splunk utilizing SAML. SSO authentication is successful. Going to: https://splunkserver/d... by Ellen Splunk Employee in Security 06-10-2014 3 1	3	1
Application events stops forwarding We are noticing on an exchange server that gets lots of application events, after a given timeframe it stops forwardi... by rbal_splunk Splunk Employee in Security 06-09-2014 0 1	0	1
Most Secure Cipher Collection to Use with Splunk What would be the most "secure" cipher suite to use with Splunk. By most secure I mean, implements Perfect forward se... by jhernandez_splu Splunk Employee in Security 06-06-2014 0 3	0	3
SSL expired, now what? I have an indexer and forwarder. They have been configured with self sign cert ssl. Lets say the server cert has expi... by ben_leung Builder in Security 06-03-2014 0 2	0	2
Encountering error while setting up Splunk-Twitter connector app Hi, On installing the Splunk-Twitter connector app, when I try to set it up with my OAuth settings, I encounter an e... by ndas1 Engager in Security 06-01-2014 1 4	1	4
"Unknown sid" Error when doing multiple searches When I run multiple searches sometimes I get the "Unknown sid" with the orange triangle and exclamation mark under th... by ibbsplunk Engager in Security 05-30-2014 3 6	3	6
how do i access a field that is not listed? How do I access "processing_time" from the data below. I want to get the average time. It is not listed as a field. {... by dgonzales999 New Member in Security 05-30-2014 0 3	0	3
OpenSSL Heartbleed bug Hi, We have discovered that Splunk 6.0 is vulnerable to OpenSSL Heartbleed bug. Is there any patch to solve that is... by servere New Member in Security 05-28-2014 0 3	0	3
permissions question Hi, Once a view is created and made private, does a power user have the ability to change the permissions? I have s... by a212830 Champion in Security 05-27-2014 0 6	0	6
Unable to start splunkweb I'm having the following issue getting (splunkweb) to start running. In the web_service.log file it gives the followi... by albyva Communicator in Security 05-27-2014 0 1	0	1
How do i become a support portal admin? I would like to be able to add and remove my colleagues from my entitlement and i heard i need to be ticked off as a ... by vhallan_splunk Splunk Employee in Security 05-27-2014 0 1	0	1
Concurrent active users I have the following input: session id, login time, logout time. I'm trying to get a graph of concurrent active users... by rklein New Member in Security 05-26-2014 0 1	0	1
AD Authentication and Machine join domain I would like to know if it is mandatory for the Splunk server be a domain member server (joined domain) in order to u... by paulchan_ageas Explorer in Security 05-25-2014 0 2	0	2
Cannot open manifest file inside XXX: No such file or directory Hi folks, I'm troubleshooting some slowness we have on the platform. While looking at the splunkd_stderr.log, I noti... by jravida Communicator in Security 05-22-2014 0 2	0	2
Customized permissions for creating users only? Hello, I want to delegate the user creation to the service desk team. but I dont want to give them full admin permis... by hwahba New Member in Security 05-22-2014 0 2	0	2
Where to configure global permissions for app Hey guys, I have an app in a cluster that I would like to have global permissions to all apps. I can change this fro... by tbalouch Path Finder in Security 05-20-2014 1 1	1	1
Indexer Clustering and Block Signing? I am interested in Block Signing of events as described here : http://docs.splunk.com/Documentation/Splunk/6.1.1/Secu... by muebel SplunkTrust in Security 05-19-2014 2 2	2	2
Concurrent searches in Splunk (System wide & user specific) I do have Search head with 16 cores & 2Gb RAM Memory , using Splunk 5.x As , per the calculation for Concurrent sear... by splunker12er Motivator in Security 05-19-2014 0 1	0	1
change default splunk login web page I require and RSA pin&tokencode to be entered in the password field on the splunk login page. My managment has asked... by hartfoml Motivator in Security 05-19-2014 0 3	0	3