Security

Discussions

Thread Info

Taking over temporarily as a Splunk admin at work, how do I figure out how our 2 Splunk servers are configured in our environment?

I am taking over (temporarily) as the Splunk admin at my work. I am trying to figure out how things were setup for Sp...

by Explorer in

Is there a specific capability that will allow non-admin users to manage their own app without giving them access to create new apps or modify other apps?

Is there a specific capability that will allow non-admin users to manage their own app without giving them access to ...

by Explorer in

Error opening CA Certificate ca.pem

I just downloaded a new 6.1 copy of Splunk for FreeBSD. After a wget download and running (tar zxvf splunk-6.1.1-2077...

by Communicator in

How does multitenancy work in Splunk to restrict access to certain data for each team using Splunk in our organization?

Within my organization, I need to restrict access to certain log source to some department, How this can achieved? ...

by New Member in

ldapsearch lookup: write to lookup csv after search not working because filename was used in saved search

We discovered an odd problem (or maybe feature?): Given this in SA-ldapsearch [domain-lookup] |ldapsearch domai...

by Path Finder in

Whay am I getting a Handshake_failure with JavaSDK when the scheme is TLS?

I have a java application that uses SplunkSDK to connect to the splunk server over https. Recently the SSL was change...

by Explorer in

Certificate Errors for forwarder

So my certificates are originally from my Windows root certificate authority. One being the splunk cert which was in ...

by Explorer in

Is there a flat file where Splunk user names and assigned roles stored?

Hi folks, I was wondering if there was a flat file that exists where user account names & their assigned roles are st...

by Explorer in

Why am I getting errors with my Apache proxy and Splunk configuration running on the same server?

I have an Apache proxy running on the same server (CentOS 6) as Splunk (v 6.1.4). My proxy config looks like: P...

by New Member in

roleMap got updated to etc/system/local/authentication.conf during restart or reload auth

I've an app called auth_conf which is used to define authentication.conf. For example, etc/apps/auth_conf/local/...

by Splunk Employee in

Is it possible to send data for Splunk to ingest using a SSL_Socket or another method to verify incoming data is from a trusted source?

Is it possible to send data for Splunk to ingest using a SSL_Socket? Is there another method to verify that incoming ...

by Engager in

Java bridge not running and other DBConnect errors

I have been getting the following errors in DB Connect: Java bridge server not running Encountered the followin...

by Builder in

After upgrading to Splunk 6.2, why can I no longer log in using saved credentials in Safari 8.0?

Is it just me or Splunk 6.2 login page does not behave well in Safari 8.0? I've updated Splunk and now cannot logi...

by Path Finder in

Why am I getting an authentication error trying to add oneshot via CLI from a remote computer?

Trying to run a batch file to add a log file to splunk. Works fine if I run it locally but not from a remote computer...

by Path Finder in

How to search concurrent logins from geographically distinct locations during the same time period?

I want to find when a login is used from a significantly distinct location during the same time period. We are able t...

by Explorer in

After upgrading to Splunk 6.2, why can I no longer log in using Chrome and KeePass with saved credentials?

After I upgraded from 6.1.3 to 6.2, my Splunk login page no longer allows me to log in using chrome + keepass. Wha...

by Path Finder in

"The requested URL //en-US/ was not found on this server."

Accessing via ELB and a proxy, new install AMZ Linux. Login via the default url redirects to: en-US/account/login...

by New Member in

Why Splunk Version 6.2.2 static URL does not return latest file?

We use the static splunk web service to access static files. Example: http://splunkserver.com/en-US/static/app/appnam...

by Motivator in

Filtering DATA on a per ROLE basis

Hello, I am trying to create a multi-tenant app: I currently have 1 index that contains all the data. 2 databas...

by Super Champion in

Password field for Modular Input using Python SDK

Hi All, I'm trying to write a python app that requires a username and a password. I've written most of it up using...

by Path Finder in

Top Labels

access control 94
audit 43
authentication 112
encryption 41
LDAP 34
login 65
Other 199
permissions 72
SAML 29
SSL 90
SSO 31

Get Updates on the Splunk Community!

Security

Discussions

Taking over temporarily as a Splunk admin at work, how do I figure out how our 2 Splunk servers are configured in our environment?

Is there a specific capability that will allow non-admin users to manage their own app without giving them access to create new apps or modify other apps?

Error opening CA Certificate ca.pem

How does multitenancy work in Splunk to restrict access to certain data for each team using Splunk in our organization?

ldapsearch lookup: write to lookup csv after search not working because filename was used in saved search

Whay am I getting a Handshake_failure with JavaSDK when the scheme is TLS?

Certificate Errors for forwarder

Is there a flat file where Splunk user names and assigned roles stored?

Why am I getting errors with my Apache proxy and Splunk configuration running on the same server?

roleMap got updated to etc/system/local/authentication.conf during restart or reload auth

Is it possible to send data for Splunk to ingest using a SSL_Socket or another method to verify incoming data is from a trusted source?

Java bridge not running and other DBConnect errors

After upgrading to Splunk 6.2, why can I no longer log in using saved credentials in Safari 8.0?

Why am I getting an authentication error trying to add oneshot via CLI from a remote computer?

How to search concurrent logins from geographically distinct locations during the same time period?

After upgrading to Splunk 6.2, why can I no longer log in using Chrome and KeePass with saved credentials?

"The requested URL //en-US/ was not found on this server."

Why Splunk Version 6.2.2 static URL does not return latest file?

Filtering DATA on a per ROLE basis

Password field for Modular Input using Python SDK

Improve Your Security Posture

Maximize the Value from Microsoft Defender with Splunk

This Week's Community Digest - Splunk Community Happenings [6.27.22]

Notable Response Actions -- Is there a way to over...

Does Splunk SOAR support mTLS?

Where I can request an annual application security...

Keycloak SAML configuration shows an invalid reque...

SAML Failed to parse issuer