Security

Community Activity

SAML/SSO Failed to parse issuer I have been working to try to authenticate with SAML and have been unable to figure out why we're not able make it wo... by steve_price New Member in Security 02-16-2022 0 1	0	1
Is it an invalid source sending data to splunktcp port or valid source sending unsupported payload? I am setting up TCP with TLS. Currently I have a Syslog Server sending data to my Splunk Instance but my Message is b... by Marco_Develops Path Finder in Security 02-16-2022 0 5	0	5
How to view Forwarding & Receiving link in my Splunk Cloud account? We have a Splunk cloud account for my organization. But I don’t see Forwarding & Receiving link in Settings menu. Is ... by psuthakar New Member in Security 02-15-2022 0 3	0	3
SSL Certificate on AWS Application Load Balancer: how to resolve the SSL Self Signed Cert Vulnerability for port 8089? Hi Team, We are using Splunk in AWS EC2 Instance. The SSL Certificate is uploaded on the AWS Application Load Balance... by jaracan Communicator in Security 02-15-2022 0 3	0	3
SAML SSO on Splunkv8.2.4 Hello,Any changes happened on SAML SSO configuration in the new Splunk v8.2.4 ?We have an IdP configured to use SSO a... by shangshin Builder in Security 02-14-2022 0 3	0	3
How to search a lookup based on field values of a base search Hello everyone, hope you are all well this afternoon. I am trying to combine 2 searches where the outer search passes... by Allene139 Explorer in Security 02-14-2022 0 2	0	2
How to query to monitor new inputs Hello I want to monitor if user run new search in our environment or created new alert i tried to use this query : ... by sarit_s Communicator in Security 02-14-2022 0 4	0	4
SSL certificate checker issue: How to see all SSL Certificates in the current search? Hi please help here we are using below base search and we need to see all ssl certificates with days left in EST. ind... by pchintha Engager in Security 02-14-2022 0 6	0	6
Splunk certificate issue: Why are we receiving this error? Hi All, We have a requirement to connect to Splunk and send the message logs from the integration flow(Cloud platform... by Caren New Member in Security 02-14-2022 0 0	0	0
UF -> HF SSL Configuration Weirdness Hello, I'm currently working on configuring SSL from a UF sitting on a Windows server to a HF running on RHEL 7. I a... by elaborateGecko Explorer in Security 02-12-2022 0 4	0	4
How to build a search that monitors who accesses a directory on a Linux box Hello, I am very new to Splunk but trying to figure a few things out. I have been tasked with building a search so th... by Durwood Engager in Security 02-09-2022 0 1	0	1
Am I missing any configurations with Splunk forwarder SSL custom certificates? Hi, I have configured my windows forwarder to use the custom CA and Server certificate. Below is the configuration an... by SS1 Path Finder in Security 02-08-2022 0 1	0	1
FIPS kvstore certificate purpose Environment- Single Splunk 7.3.9 search head / indexer with FIPS_MODE=1etc/system/local/server.conf [sslConfig] ssl... by pongey Engager in Security 02-07-2022 1 1	1	1
How to stop all users login into splunk? We are recently migrated to QRadar. So we decide to decommission the splunk. before decommission we need to stop any ... by Naveen99 Engager in Security 02-07-2022 0 2	0	2
Using X509 certificates Dear Support,We use X509 certificates provided by our customer certificate authority, in order to use HTTPS protocol ... by mghaleb Engager in Security 02-04-2022 0 2	0	2
splunk troubleshooting Training Greetings!!Need your advice and opinions on the following points:- What training can I take to master splunk admin tr... by pacifikn Communicator in Security 02-03-2022 0 4	0	4
Splunk Cloud SAML SSO Signature Verification Failure Hi Experts,I'm trying to set up SAML SSO for Splunk Cloud against an external IDP.I've loaded the IDP's SAML metadata... by akermaier New Member in Security 02-03-2022 0 0	0	0
sample data for splunk PCI compliance app Hello All,I am working on building use cases for PCI compliance , Just got to know that splunk has an PCI compliance ... by kannu Communicator in Security 02-03-2022 0 0	0	0
Running Splunk Commands I've installed Splunk as Standalone and I'm trying to run Splunk commands under /opt/splunk and they didn't work.My q... by aateeq Explorer in Security 01-29-2022 0 1	0	1
Desintalar splunk forwarder 6-4-2 Estoy tratando de desintalar el agente Splunl en un servidor y me sale este mensaje intente tambien hacerlo por linea... by Norman2022 New Member in Security 01-25-2022 0 1	0	1
Splunk Connect for k8S - HTTPS problem Hello,I am trying to configure Splunk Connect for Kubernetes to capture a k8s cluster application logs.I have problem... by npe Engager in Security 01-25-2022 0 0	0	0
How can I search for users that haven't logged into Splunk for 90+ days? Any query help Highly appreciated ? Thanks in advance ! lists accounts in Splunk that have not been used (logon) for... by splunker969 Communicator in Security 01-24-2022 0 11	0	11
Can a Power User Role get grant to access ACL Capability to Dashboard/Report/Alarm Hi.As in Subject, only Admin Role can edit an object "ACL",turning an object from Private to Public, with relative "A... by verbal_666 Builder in Security 01-20-2022 0 0	0	0
IP Watch List I am very new to Splunk and trying to gain as much knowledge as possible. I found there is an App called Splunk Globa... by juanv Engager in Security 01-19-2022 0 3	0	3
Splunk search query Supposed if i have huge data of users i need to check the last status of the each users Like login and logout. If use... by kajalchopade071 Path Finder in Security 01-19-2022 0 8	0	8