Security

Community Activity

	Run of playbook on bulk events Hi all,I have a large number of events that have been ingested into SOAR from a Service Now queue.A large amount of t... by ThomasC New Member in Security 11-02-2023 0 0	0	0
	LDAP authentication: mapping empty groups Hi at all,I have to use in Splunk Enterprise an external authentication using LDAP.I'm mapping roles with AD groups.I... by gcusello SplunkTrust in Security 11-02-2023 0 3	0	3
	how do I check if a lookup table get updated with any output lookup command I have lookup table in splunk.I want check if ever been update in Splunk using output lookup command by karu0711 Communicator in Security 10-31-2023 0 1	0	1
	When enabling sslVerifyServerName for kvstore, the KVStore will not start? We are trying to implement the guidelines for enabling TLS Hostname verification (Configure TLS certificate host name... by HumanPrinter Explorer in Security 10-26-2023 0 2	0	2
	Token vs Username+Passphrase for REST API to Dedicated API User Hi!I am wondering whether there are any advantage to use token over username and passphrase/password when accessing R... by arifsaha Observer in Security 10-24-2023 0 1	0	1
	User not populating after onboarding LDAP and mapping AD groups to member roles Hi,I have onboarded my Splunk to the LDAP and subsequently mapped the AD group to the respective roles in Splunk. How... by MmxZero New Member in Security 10-23-2023 0 0	0	0
	regex to pull cn fields Hey everyone, I have this format - cn=<name>,ou=<>,ou=people,dc=<>,dc=<>,dc=<> that i'm pulling that i need to use o... by spluser1 Loves-to-Learn in Security 10-19-2023 0 5	0	5
	Splunk ES fortinet new source Hello,I was given the administration of a Splunk Enterprise Security and I am not familiarized, I have always used ma... by splunkcol Builder in Security 10-18-2023 0 1	0	1
	modify the saved splunk Alert using api looking for help in editing the saved Alert query using the api/curl .i would like to change the pod_count 9 to 12 . ... by venugoski Explorer in Security 10-16-2023 0 1	0	1
	Example data/incidents for ES Hello Team,I have my training Splunk instance with ES 7.1.I have used it for training and experiments. Question: is t... by MichalG1 Path Finder in Security 10-15-2023 0 4	0	4
	Does Splunk UF agent 9.0.1 supports AWS Linux 3 Does Splunk UF agent 9.0.1 supports AWS Linux 3? by Dhivakarpn Loves-to-Learn Lots in Security 10-09-2023 0 7	0	7
	Settings &manage app settings options I have created test user and assigned to viwer role, my requirements is to hide the settings & manage setting opti... by vijreddy30 Loves-to-Learn Everything in Security 10-05-2023 0 1	0	1
	Hide settings and manage apps setting Created test user and assign the viwer role, test user won't be see the settings option and manage app settings opt... by vijreddy30 Loves-to-Learn Everything in Security 10-05-2023 0 1	0	1
	Is there any search or shortcut to list out all the VPN usecases in my environment? Hi, Is there any specific fields in the vpn logs we can exclude, which are not needed for investigation so that we ca... by AL3Z Builder in Security 10-05-2023 0 5	0	5
	How getting login/logout accesses from a MS-Sql server stardard Ed. in Splunk? Hi, What is the smartest way to collect the login/logout accesses from a ms sql server without using the add-on or t... by skender27 Contributor in Security 10-04-2023 0 5	0	5
	REGEX command in props/transforms conf files for field extraction Hello,I was trying to use REGEX command within props/transforms conf files to extraction fields, but field extraction... by SplunkDash Motivator in Security 10-03-2023 0 2	0	2
	Host-based restriction Hi, I want to restrict access to different teams based on hosts but don't want to do it by creating multiple indexes ... by AMAN0113 Explorer in Security 10-01-2023 0 1	0	1
	Enabled TLS on web, now I can't log into the site - LDAP issues To start with, I am very new to Splunk and I've been stumbling my way through this with varying degrees of success. W... by Hiattech Explorer in Security 09-28-2023 0 1	0	1
	AWS Add On - SSL Validation Failed Error Hello,When I was trying to Add Account under AWS Configuration from SPLUNK UI, getting "SSL validation failed for htt... by SplunkDash Motivator in Security 09-26-2023 0 1	0	1
	SAML Configuration not working for Splunk Heavy Forwarders. I am trying to configure SAML SSO for my Splunk Heavy Forwarders. When I upload and save SP Metadata file and remaini... by roopeshalk New Member in Security 09-26-2023 0 1	0	1
	How to se up Restrictions on App-Level Logs in Splunk? Hi Team, I am reaching out to seek your valuable inputs regarding setting up restrictions on app-level logs under a p... by Manish_Sharma Engager in Security 09-25-2023 0 4	0	4
	How to use @myFile.spl to query Splunk API? Hello All I need to send a request to Splunk API from a Linux server but the Curl is complaining because the search a... by victorsalazar Explorer in Security 09-22-2023 0 1	0	1
	Learning about certificates in appsCA.pem HI, I am trying to learn more about the certificates found within the document /etc/auth/appsCA.pem .I'm referring to... by dc17 Explorer in Security 09-22-2023 0 0	0	0
	Why is data no showing from Kvlookup? Recently I have created a KVlookup using transforms .conf and collection.conf to get data from API. When KVlookup is ... by sbhatnagar88 Path Finder in Security 09-22-2023 0 1	0	1
	Why is Splunk SAML configuration not working? Hi,I have configured splunk with SAML authentication method and it was working fine until last week. We have updated ... by splunkgk Path Finder in Security 09-15-2023 0 3	0	3