Security

Community Activity

Can I give access to one device's logs only instead of an entire index? I'd like to create a role in Splunk that gives access to one device's logs only instead of an entire index. Is thi... by aferone Builder in Security 07-12-2011 1 2	1	2
Are wildcard certificates supported with Splunk and https? wondering if Splunk https works with third-party wildcard certs. so far I got my Splunk indexer to start using my th... by maverick Splunk Employee in Security 07-06-2011 0 1	0	1
Setting up third-party wildcard certs with Splunk My understanding on the knowledge base article located here... http://www.splunk.com/base/Documentation/latest/Admin... by maverick Splunk Employee in Security 07-06-2011 0 1	0	1
Which SSL certificates are supported I'm trying to set up our infrastructure to use SSL encrypted connections. For this purpose I want to use existing sys... by thscheidegger Explorer in Security 06-30-2011 3 2	3	2
Web Console Hello all, its told that the file in "c:/programfiles/splunk/etc/system/local/server.conf" in windows, has to be modi... by infosec_skrc Explorer in Security 06-28-2011 0 5	0	5
Splunk server login I just installed the current version of Splunk on my Fedora Core 14 laptop. There is an option at login for Splunk S... by stevengrigg New Member in Security 06-27-2011 0 2	0	2
Local Splunk Authentication What is the full mechanism of the local Splunk authentication? What hashing algorithm does it use? Does it use a sal... by fman82 Explorer in Security 06-24-2011 1 1	1	1
Access Controls on a single index Is it possible to limit a user to see and search logs from a certain list of hosts with only one index? by andrewkerr Engager in Security 06-23-2011 1 1	1	1
Force tags to be public upon creation We have a review process set up in Splunk where multiple end users log in and tag individual events. These tags MUST ... by Jason Motivator in Security 06-21-2011 2 5	2	5
Permissions on dashboards for a custom defined role I have created a custom role that will serve as the admin role for a given application. For a dashboard object, I hav... by avlahutin Explorer in Security 06-17-2011 0 12	0	12
Splunk startup script, start as splunk user Hi, I recently installed the new Splunk Universal Forwarder. I use the built-in bootup script that comes with Splunk,... by joberget Path Finder in Security 06-15-2011 2 2	2	2
scheduled searches not showing as scheduled I've got about 5 searches that I want to be scheduled so that I can include them in a dashboard. I've set them all t... by jstockamp Communicator in Security 06-15-2011 0 4	0	4
Enabling sslv3 in server.conf with remote Splunk agents I have to update the local file server.conf to allow only sslv3 on an indexer (4.1.3) due to a recent audit. There ar... by lisaac Path Finder in Security 06-15-2011 3 2	3	2
how to setup security event logging linux Hi this is a setup question for compliance monitoring. I have a linux box, so I index everything under /var/log. I ... by pontifor New Member in Security 06-11-2011 0 1	0	1
not picking up monitored file - No configurations match I have a very similar issues as MasterOogway mine is just on Windows. Running ver 4.1.6 I have a simple monitor set t... by gekoner Communicator in Security 06-01-2011 1 5	1	5
Is there any way to tell deployment client that the deployment server is not running ssl? I have splunkd configured to run without ssl. It removes some hassle with self signed certificates, and eliminating ... by vbumgarn Path Finder in Security 05-31-2011 4 7	4	7
Symantec Endpoint Protection (SEP) firewall logs Hello All, Has anyone figured out a good way to perform field extractions on the data contained in SEP firewall logs... by fervin Path Finder in Security 05-31-2011 0 1	0	1
Using Certs with Splunk? When using Certificate Authentication within Splunk, are they self-signed, or can I use third-party certs as well? by maverick Splunk Employee in Security 05-27-2011 1 1	1	1
Captain Picard's Star fleet messages Hi Splunk- and other Gurus Assumption: Captain Picard's room is a high security Environment, so him and only himsel... by MuS SplunkTrust in Security 05-24-2011 15 3	15	3
IOError: [Errno 37] No locks available I am trying to install Splunk 4.2.1 on a CentOS 5 (64-bit) box. It starts with no problem, but when I try to connect ... by tektsu New Member in Security 05-24-2011 0 3	0	3
LDAP tuning 4.2 I have set up LDAP access to the GC (3268) and it works great. However, i am now noticing that there is a lot of tra... by EricPartington Communicator in Security 05-21-2011 1 2	1	2
Allowed indexes for Inheritance role When I configure an allowed index for a role, and I choose Inheritance for another role. Users for this new roll dont... by Starlette Contributor in Security 05-13-2011 0 1	0	1
How do I get Splunk to serve other content Since Splunk has a webserver how can I have it serve alternate HTML pages? I'd like to provide some simple instructi... by matt Splunk Employee in Security 05-12-2011 0 2	0	2
Splunk web can not start Hello, For some reason, splunkweb fails to start in first, my version is 4.2.1 any ideas where i can look for to ... by whitelord90 Explorer in Security 05-08-2011 2 4	2	4
strange error trying to set up a simple setup.xml example I'm encountering some difficulties trying to get setup.xml working reliably across multiple apps. When I take a ste... by sideview SplunkTrust in Security 05-05-2011 2 4	2	4