Security

Discussions

Thread Info

Signature mismatch between license slave - but key/secret are the same

I reinstalled Splunk with clustering today. The problem is that I keep getting 'Signature mismatch between license sl...

by Explorer in

500 error on login

I try to login to the web console and get a 500 Internal Server Error. I've tried different solutions and they don't ...

by New Member in

Splunk 404 ERROR -

As an admin, I created the new user and assigned him user role who is basically able to view dashboards / searches. ...

by Explorer in

Dashboard Permission - View dashboard but don't have access to index

I create a Dashboard and I want to share this Dashboard with other Team, but this team don't have access for the inde...

by New Member in

Permission Issues when dealing with Splunk_TA_nix scripts

Hello All, I have a solid understanding of the files/ how to deploy this application but my issue is with permissi...

by Builder in

Using Splunk to identify SSO users that use NTLM

Does anyone have some SPL they could share that identifies SSO users that use NTLM to authenticate? Any help with thi...

by Communicator in

need to have a list of users who did not login to splunk indexer for more than 30 days

I need to find out the list of users who did not login to splunk for more than 30 days. I need to know when the user ...

by Explorer in

Limit index access to App only

I need to restrict the user to not to see indexes which are created in a specific App from Search App. Any suggestion...

by Path Finder in

"Saml response does not contain group information" SSO error

Would appreciate suggestions on how and what to change in our IdP environment and/or our Splunk instance's SAML confi...

by Contributor in

How to track a specific user login and logoff the past 30 days

Please excuse my lack of knowledge with Splunk but I need to track a user by login/logoff for the past 30 days. I loo...

by New Member in

Install SSL certificate on Splunk Index cluster master web

I need to install SSL certificate on splunk Index cluster master web. I created the csr and key on the server and got...

by Explorer in

Encrypting vales in Splunk conf file

I am writing a modular input in splunk and need to store API key and secret in a .conf file. I see how I can Rea the ...

by Builder in

How to alert a user when his maximum time window is excedeed

Hello, I created a specific role for some users with a defined maximum time window. Hence, these users are not allowe...

by Engager in

Why do nested AD groups not have access to Splunk cloud when everyone else in the AD group does (SAML setup)?

I am running into an issue where nested AD groups that are in my Splunk AD group do not get the access that everyone ...

by Explorer in

AzureAD SSO - Reply URL does not match

I am trying to set up SSO with Splunk and AzureAD. I have used these guides: https://docs.splunk.com/Documentation/Sp...

by Engager in

FIPS/SSL Incompatibility?

Attempting to install local/self-signed certs (Splunk Indexer houses Root CA with a cert distributed to all forwarder...

by Engager in

Why am I unable to "browse more apps" or install an app on Splunk Web?

I just installed Splunk Enterprise on my Mac. Started Splunk and got into Splunk Web UI. When I click the large Pl...

by Explorer in

Feature Request: Splunk Certificate Management GUI

While there is ample documentation on certificate generation and application to both Splunk Web, Indexers, and Forwar...

by Engager in

Best way to connect to HEC with Java SDK

Question: What is the best way to connect to HEC with the Java SDK? SDK JAR Version: 1.6.4.0 Currently, I am us...

by Explorer in

Using Dev Licenses for 6-7TB POC

I want to test throughput on a Splunk setup, but I will use a Dev 10GB license, but the traffic will be nearer 6-7TB ...

by Explorer in

Top Labels

access control 51
audit 14
authentication 48
encryption 21
LDAP 23
login 30
other 69
permissions 35
SAML 19
SSL 51
SSO 13

Security

Discussions

Signature mismatch between license slave - but key/secret are the same

500 error on login

Splunk 404 ERROR -

Dashboard Permission - View dashboard but don't have access to index

Permission Issues when dealing with Splunk_TA_nix scripts

Using Splunk to identify SSO users that use NTLM

need to have a list of users who did not login to splunk indexer for more than 30 days

Limit index access to App only

"Saml response does not contain group information" SSO error

How to track a specific user login and logoff the past 30 days

Install SSL certificate on Splunk Index cluster master web

Encrypting vales in Splunk conf file

How to alert a user when his maximum time window is excedeed

Why do nested AD groups not have access to Splunk cloud when everyone else in the AD group does (SAML setup)?

AzureAD SSO - Reply URL does not match

FIPS/SSL Incompatibility?

Why am I unable to "browse more apps" or install an app on Splunk Web?

Feature Request: Splunk Certificate Management GUI

Best way to connect to HEC with Java SDK

Using Dev Licenses for 6-7TB POC

SAML Integration issue

Enterprise Security -> Customizing Incident Review...

Adding Enterprise Security Identity data to a Splu...

Not able to configure splunk sso because the Host ...

Update to profile - email address