Security

Community Activity

SAML Failed to parse issuer We are running Splunk enterprise 8.2.4 and it has been working fine with SSO authentication until I updated the SSL c... by keen Loves-to-Learn Lots in Security 04-29-2025 0 1	0	1
Specific Splunk Attack Range Resource Specs Hi all,I’m planning to deploy the Splunk Attack Range in a cloud-based lab environment, likely in AWS or Azure. I nee... by branmcd Observer in Security 04-18-2025 0 0	0	0
Setting tag permissions I've taken 30 minutes from my day to avoid spending over an hour modifying tag permissions, and have had no luck. I ... by jasongb Path Finder in Security 04-16-2025 4 1	4	1
Splunk Dashboard - Change On Condition Hello Experts, I am trying to work on setting up panels with two different queries output based on a filter. I am usi... by beriwalnishant Path Finder in Security 04-15-2025 0 13	0	13
find: ‘/opt/splunkforwarder/lib/python3.7/site-packages’: No such file or directory Getting error while downloading forwarder in Ubuntu, 20.04 LTS, amd64 focal image built on 2025-04-08Reinstalled, tr... by Gururaj1 Explorer in Security 04-14-2025 1 8	1	8
Splunk Web Login Issue- Why am I getting this server error? Hello, I have created splunk AWS Linux instance Instance and installed splunk enterprise on it. The install was succ... by Bo3432 Explorer in Security 04-11-2025 0 7	0	7
Mission Control SPL for incidents Hi all,I'm hoping someone could help assist with refining an SPL query to extract escalation data from Mission Contro... by 666Meow Explorer in Security 04-09-2025 0 2	0	2
Retrieve list max 30 roles when bind LDAP group name and role splunk After the upgrade of Splunk core to release 9.4.0, if I want to bind LDAP group name to role inside splunk (I have a... by aagro Path Finder in Security 04-02-2025 0 3	0	3
Required Internet Endpoints for Splunk SIEM Functionality hello, Please write or send me document link which internet endpoints (URL, port) Splunk SIEM needs access to in orde... by Nikolozts Explorer in Security 03-22-2025 0 3	0	3
Why is Security scan showing CVE-2018-11409 on Splunk 8.1.3? Hi all, A security scan on our Splunk server has thrown up CVE-2018-11409. I've verified thatwe are affected - I can... by ed_a Engager in Security 03-20-2025 1 3	1	3
"Connection was reset" when trying to make an API request using CURL Hi,I`m trying to make an API request from my local machine to our Splunk Cloud instance, without much success.Checked... by tomapatan Contributor in Security 03-19-2025 0 3	0	3
How do I bind Splunk to a specific interface? I want to Splunk to listen on a specific interface not 0.0.0.0. How do I do this? by matt Splunk Employee in Security 03-13-2025 8 8	8	8
SSL reload on indexer for renewed certs This document explains ssl_reload for all ports except 9998 - Data receiving port on indexerhttps://docs.splunk.com/D... by gpradeepkumarre Engager in Security 03-13-2025 0 1	0	1
Splunk Cloud SAML Auth Admins Unable to Edit User Roles Splunk Cloud had an update this past Sunday, 3 Mar 2025. Since then, admins are unable to change a user's role. Is th... by jbeach Explorer in Security 03-07-2025 0 5	0	5
Restrict user with write permission to dashboard Hi, I have a case where I was to restrict user from edit option and cloning the dashbaord.Currently we have 200+ dash... by vikashperiwal Path Finder in Security 03-03-2025 0 2	0	2
Active directory access for Splunk Hello Splunkers!!I want us to configure Active Directory in Splunk with LDAP. My Splunk server and domain controller... by uagraw01 Motivator in Security 03-03-2025 0 13	0	13
Search peer SSL config check- How to resolve these errors that popped up after upgrade? HI, I have a standalone server which is running on 9.0.0.1 version earlier. Now it got updated to latest version of 9... by gowthammahes Path Finder in Security 02-28-2025 2 18	2	18
Does Splunk have a problem with token authentication and SAML? Splunk seems to have a problem with authenticating a SAML user account using a token.The purpose of using token authe... by ww9rivers Contributor in Security 02-21-2025 0 4	0	4
Splunk remote query Hi, i want to move a file from a client into Deployment Server via Search Head. I was thinking of something like \| ma... by Bluekeeper Engager in Security 02-11-2025 0 2	0	2
A splunk query to fetch Admin activity inside splunk Hello everyone,I am planning to automate a process where we need to archive admin activity for splunk application.For... by Zorghost Loves-to-Learn in Security 02-11-2025 0 7	0	7
Questions about UF outputs.conf Configuration I am configuring TLS communication between UF (Universal Forwarder) and Indexer.My outputs.conf configuration is as f... by tt-nexteng Path Finder in Security 02-10-2025 0 7	0	7
Integrate MSSQL standard edition with Splunk We need to integrate MSSQL standard edition with splunk, so we tried sending logs to Windows Event Viewer application... by Nawab Communicator in Security 02-09-2025 0 5	0	5
Splunk Fw suddenly stopped We have an environment where Splunk UF sends logs to HF and mostly UFs are stuck even HF and indexers are up, we need... by Nawab Communicator in Security 02-09-2025 0 7	0	7
Exporting ticket information from Mission Control Is there a way to export the ticket information from mission control with the analyst notes, and resolution ? If it'... by maxime_simard New Member in Security 02-07-2025 0 2	0	2
How to Set up TLS Between a Universal Forwarder (UF) and an Indexer 1.This is $SPLUNK_HOME/etc/system/local/inputs.conf of my Indexer.[splunktcp-ssl:9997]disabled = 0[SSL]serverCert = /... by tt-nexteng Path Finder in Security 02-05-2025 0 13	0	13