Security

Community Activity

Scripted authentication (radius) not re-authenticating when new browser loaded We are trying to use radius scripted authentication and have it working. We found an issue (well, we think it is an i... by tawollen Path Finder in Security 10-05-2010 0 2	0	2
Making changes on the app level rather than user level Whenever I (admin user) make a customization to the search app in Splunk, such as a field extraction, Splunk saves th... by Branden Builder in Security 10-05-2010 0 2	0	2
Parse Log Messages I'm sending a series of events to Splunk with their own time stamp and username info that I built independently of Sp... by mspiegel New Member in Security 10-05-2010 0 3	0	3
Unable to configure SSL even with built-in certs Splunk 4.1.5, CentOS 5.5 64-bit I am trying to configure SSL for forwarding/receiving data, a-la this question: http... by Docjowles New Member in Security 09-30-2010 0 2	0	2
Can Splunk receive rsyslog encrypted messages? Can Splunk receive rsyslog excrypted messages via TCP or should I use a LWF with SSL turned on? by tjohnston2 Splunk Employee in Security 09-28-2010 1 1	1	1
Disable OpenSSL What are all of the possible uses of OpenSSL with Splunk? If you wanted to disable OpenSSL or remove it from Splunk,... by gsawyer1 Engager in Security 09-28-2010 0 5	0	5
how to load/save files under $Splunk\etc\users\USER_NAME\APP_NAME i have extended a Splunk module, and in it i would like to load/save some data. moreover, i want to bind that data to... by William Path Finder in Security 09-26-2010 0 2	0	2
Active Directory Authentication has stopped working for new users Hi, We are currently running 4.1.4, using Active Directory authentication, and we're running into an issue where new... by g3s1oa Explorer in Security 09-25-2010 1 1	1	1
Unable to login to AD Authenticated Web Interface Hello Ladies and Chaps, I'm having some issues connecting to the web interface for our Splunk search head. Now i'm pr... by dalgibbard Engager in Security 09-24-2010 1 1	1	1
Disable or increase truncation of hostnames and timestamp Hello, we have longer hostnames. Like "gateway_chvj500ld800.mycompany.net". Its truncated to something like "gatewa... by JensT Communicator in Security 09-23-2010 0 4	0	4
Is there a max number for MAX_EVENTS? I didn't find it mentioned anywhere in the documentation. I might have overlooked it. http://www.splunk.com/base/Doc... by Nicholas_Key Splunk Employee in Security 09-18-2010 0 2	0	2
Enterprise License update We'v got license violations six times with 500MB license level, but when we update with new license level 20G(stop th... by hjwang Contributor in Security 09-17-2010 0 4	0	4
Cisco Ironport Searches I am trying to run the searches that come with the Ironport Web Security portion of Cisco Security for Splunk, and no... by aatuckett New Member in Security 09-15-2010 0 1	0	1
nix app and permissions. This is largely an observation unless i am missing something: on the nix app of the free version of splunk some file... by dritan Engager in Security 09-14-2010 2 1	2	1
Preserve search queries by the querystring If I close my web browser with search results up, then on restart of the web browser I end up at the "flashtimeline" ... by Tom Engager in Security 09-14-2010 1 4	1	4
What permissions are required to share lookup files? I have a Power user who is creating his own lookup files. This works great but he's unable to share the file for oth... by the_wolverine Champion in Security 09-14-2010 2 1	2	1
How do Splunk releases integrate security patches for dependent libraries? Splunk includes as part of its own installation several other dependent packages, like: OpenSSLPythonCherryPyzliblib... by dwaddle SplunkTrust in Security 09-13-2010 3 2	3	2
Search events against a lookup table and show matching count Hey Guys, I am trying to figure out an approach to a problem I have, I have my firewall sending logs to splunk which... by jerrad Path Finder in Security 09-10-2010 1 2	1	2
Several SSO issues ( user issues & logout page) I just set up our Splunk server to authenticate against our SSO infrastructure using the Apache proxy (on Linux). I ... by tawollen Path Finder in Security 09-05-2010 3 1	3	1
Limit administrator capabilities Hello, I would like to know if is it possible and how to hide logs for the administrator user (or role), user that wo... by cafissimo Communicator in Security 09-03-2010 0 1	0	1
Can I change the Splunk login page? I am looking for a way to display a custom banner to users before they log in. Is there a supported way of changing t... by mctester Communicator in Security 09-02-2010 2 2	2	2
Splunk Web login user IP address correlation? Hi, there seems to be no IP address form where user logged to Splunk Web in _audit index. I've tried to correlate eve... by gljiva Path Finder in Security 09-02-2010 1 2	1	2
Encrypting indexed data on rest For compliance purposes, how would I encrypt indexed data events on disk, such that it's secure while at rest? Also, ... by maverick Splunk Employee in Security 09-01-2010 4 2	4	2
Getting obscure error message: Splunk could not update permissions for resource admn/win-event-log collections Splunkd internal error New to splunk, testing things out but I've hit a wall... I'm trying to do remote windows event log collection on a W... by wmysplunk New Member in Security 08-31-2010 0 1	0	1
Restrict Users per IP Is it possible to restrict the admin user to login from for example 192.168.0.2 address only? by joberget Path Finder in Security 08-31-2010 0 3	0	3