Security

Community Activity

How to configure Heavy forwarder syslog output with TLS? Hi, We can configure a heavy forwarder to send syslog data from Splunk to a third party. How do we this flow to use T... by gabrielsz Explorer in Security 06-15-2022 1 1	1	1
How to use Splunk & NodeJS to establish a connection and pull data from Splunk? Hi, My team and I are currently developing a website which needs to pull data from Splunk and insert it into visualiz... by gregory__ Engager in Security 06-13-2022 0 1	0	1
Why are Splunk and Azure logons not being recorded? I'm not sure if this is the correct board. We run Splunk 8.2.1 on Linux. Lately a number of our domain users have bee... by peters49 Explorer in Security 06-10-2022 0 0	0	0
How to see users logging in from more than one country? I would like to only show users loging into multiple countrys. How would i manipulate this search to do that? index="... by LANGLEYJ New Member in Security 06-09-2022 0 3	0	3
Verifying TLS 1.2 Cipher suites disabled? We have a PCI requirement to disable TLS1.1 or TLS1.0 cipher suites such as - TLSv1.0 TLS_DHE_RSA_WITH_AES_128_CBC_S... by sonicZ Contributor in Security 06-07-2022 0 1	0	1
Why am I unable to connect web port 8000? Dears, I am new to splunk,just installed trail versions through wget, Splunkd is running but unable to connect with 8... by SudheerChilu New Member in Security 06-06-2022 0 1	0	1
Can we hide splunk bar base on role or user? Hello,Whenever a user logins to Splunk with some role, I want to hide the Splunk App bar from that specific user/role... by Raymond2T Path Finder in Security 06-02-2022 0 2	0	2
Create an alert that sends emails to addresses that are identified as a field value Hello guys. Looking for some help from the experts.I want to create an alert that will send emails to specific mailbo... by pstamati Path Finder in Security 06-01-2022 0 4	0	4
Is Cyberark PAM/PSM user integration with Splunk possible? Hello, I am requested to make a study on the possibility to integrate Splunk authentication/authorization with Cybe... by FrancoiseMathy New Member in Security 05-30-2022 0 1	0	1
Is SELinux officially supported for Splunk Enterprise? Hello, Is SELinux officially supported for Splunk Enterprise ? If yes, could you share instructions for 6.5.4 or 6.6.... by attilatar Explorer in Security 05-30-2022 0 5	0	5
How to set maintenance mode for indexer cluster with hashed password? Hi all I am having issues trying to script enabling and disabling maintenance mode with a hashed password. The comman... by leonaheidern2 Loves-to-Learn Everything in Security 05-27-2022 0 5	0	5
How to do email Domain Change? My company was acquired, we just migrated email domains, but need to update all user's email addresses so they can us... by twoods450 New Member in Security 05-26-2022 0 2	0	2
Why am I unable to access Splunk web from different country? I created AWS EC2 instance and installed Splunk Enterprise on that. Opened all rules for port 8000 and 8089. I can op... by splunkn Communicator in Security 05-26-2022 0 1	0	1
CentOS EOL problem-Will Splunk support after upgrade? Hello, we are planning to Upgrade from verison 8.0.1 to 8.26 (the latest version), but we see that CentOS reaches End... by ERMIRA Engager in Security 05-26-2022 0 1	0	1
How to Display whether a user has access to an index Hi! We are using a dashboard that displays all the indexes and information about those indexes. I would like to have ... by SevenDos Explorer in Security 05-24-2022 0 2	0	2
How to restrict user access to specific fields in index Hi, I am currently running Splunk 8.1.9 Is it possible to create a role, that will allow a user to access only speci... by madcow Loves-to-Learn Lots in Security 05-18-2022 0 4	0	4
Why is InfoSec App Not Displaying Correct Active Directory Info? I am currently monitoring AD account data using InfoSec. However, the number of accounts under the "Compliance" tab a... by dvincent13 New Member in Security 05-17-2022 0 0	0	0
Security Essentials Accelerated DataModel- App tells me that there isn't the accelerated "Change" Data Model Hi at all, I'm trying to implement some Use Cases from Security Essentials App, using AWS data. I found the following... by gcusello SplunkTrust in Security 05-16-2022 0 0	0	0
¿Por qué los secretos están enmascarados en Jenkins y no en Splunk? ¿Por qué los secretos están enmascarados en Jenkins y no en Splunk? En los logs de jenkins utilizando withcredentials... by wueyca Observer in Security 05-10-2022 0 1	0	1
What capabilities are needed for a non-admin user to update Server Classes and Clients in Settings -> Forwarder Management We've got a special role for non-admin security team members and I'd like some of them to be able to use Forwarder Ma... by wrangler2x Motivator in Security 05-06-2022 0 7	0	7
Why the error when subscribing to our RSS feed for Splunk Product Security announcements? Hi, I am trying to subscribe to the RSS feed for Splunk Product Security announcements on https://www.splunk.com/en_u... by RyanOng Engager in Security 05-04-2022 0 2	0	2
CrowdStrike Add-on stops with Error Our CrowdStrike Add-on stopped pulling logs via the API giving this error 2021-05-01 19:03:31,879 ERROR pid=31672 t... by guarisma Contributor in Security 05-04-2022 0 3	0	3
Is Splunk UF vulnerable to SVD-2022-0502 ?? The advisory (https://www.splunk.com/en_us/product-security/announcements/svd-2022-0502.html) talks about Splunk Ente... by gordo32 Communicator in Security 05-03-2022 0 1	0	1
How to ingest Untangle logs (NG Firewall) into Splunk? Greetings, For a long time, I have wanted to ingest untangle logs (Firewall, IDS/IPS, OpenVpn, and Web Filtering) i... by bborodach Engager in Security 05-03-2022 1 2	1	2
Splunk on call slack permissions Hi all, I would like to configure the splunk on call slack add on but when an admin wanted to approve the integration... by johnrogers New Member in Security 04-29-2022 0 0	0	0