Security

Discussions

Thread Info

How to creaate Splunk authentication with CAC / Smart Card and LDAP for Authorization?

Hello, We are using Splunk with CAC / Smart Card authentication and want to add to our configuration the ability t...

by Explorer in

how to replace new client secret value

Hi, can anyone tell me how to replace new client secret value which i received. i am new to splunk and badly need the...

by Path Finder in

How to download my exam scorecard and obtained marks certification scorecard?

Hi, Does anyone help me to download my exam scorecard and obtained marks.I have recently passed my splunk power us...

by Engager in

Why are Yum updates breaking a working configuration?

Hello everyone, I'm a newbie, so please be gentle. We are using Amazon Linux 2. Our configuration has a Universal...

by Explorer in

How to extract fields from the Unstructured Events?

Hello, I have some issues with field extraction since value pair and non-value pair fields are within the same eve...

by Motivator in

Splunk Exam Results - Splunk Certified User 6.x Online Exam 0517

Hi, I've successfully completed "Splunk certified user" exam and i received mail saying to download certification ...

by New Member in

Disable ANSI escape codes

I am unaware of how to filter or disable the processing of ANSI escape codes as recommended by Splunk, due to the rec...

by Explorer in

Federated search head validation

Hi Team, I have created a federated provider and test connection successful . what will be our next steps ? is ...

by Path Finder in

Why is Sourcetype not displaying data in Ingest Action?

I am trying to make splunk less noisy and filter out some of our 4688 events. I have tried to use the Ingest Action ...

by New Member in

Failed to check broker status

Failed to check broker statusLRS.Http.HttpUnauthorizedException: Unauthorizedat LRS.PersonalPrint.Service.Areas.User....

by New Member in

How can I generate a list of users and assigned roles?

I am doing some refactoring of authentication.conf and would like to be able to diff the users and their mapped roles...

by Communicator in

How to create exception EventID 8004 - imputs.conf?

Hi everyone, I'm trying to create an EventID 8004 exception from the C:\Program Files (x86)\Adobe\Acrobat Reader D...

by Explorer in

How to delete authorization token for non-existent user?

Hello, Does anyone know how to delete an authorization token for no more exisiting account in Splunk?We have tried...

by Path Finder in

How to create an superpower role that is able to add a restricted list of roles to users?

Hello, I would like to create a role which allows to add roles to users on a limited perimeter. The goal is to del...

by Path Finder in

Universal forwarder to connection with SSL certs?

We are trying to figure UF and Splunk Indexer to use SSL certs to create a secure comms between the twoand for some r...

by Loves-to-Learn in

SPLUNK AWS Add On-Autodiscovered IAM Role

Hello, In SPLUNK AWS-Add-On, there is one option Autodiscovered IAM Role, by default it is in No status. When we sh...

by Motivator in

How to Detect C2 Beacon?

Hello, I am helping client of mine monitor network for malware or hacker and we are looking to built SPL to monito...

by Loves-to-Learn in

How to ingest AWS inspector logs in to Splunk cloud?

Hi We have Victoria splunk cloud for our splunk environment and and AWS cloud for our linux environment. we h...

by Loves-to-Learn Everything in

Splunk's $SPLUNK_HOME/etc/passwd File syntax and encryption/hashing algorithm

I've searched around a good bit.. haven't found any official documentation on the topic. On Splunk forwarders and ...

by Communicator in

How do I find out what port Splunk is running on?

I have installed Splunk multiple times on my machine and I am trying to figure out what ports I have configured. Is t...

by Splunk Employee in

Top Labels

access control 127
audit 63
authentication 163
encryption 63
LDAP 43
Linux 1
login 86
other 309
permissions 93
SAML 50
SSL 136
SSO 42

Get Updates on the Splunk Community!

Security

Discussions

How to creaate Splunk authentication with CAC / Smart Card and LDAP for Authorization?

how to replace new client secret value

How to download my exam scorecard and obtained marks certification scorecard?

Why are Yum updates breaking a working configuration?

How to extract fields from the Unstructured Events?

Splunk Exam Results - Splunk Certified User 6.x Online Exam 0517

Disable ANSI escape codes

Federated search head validation

Why is Sourcetype not displaying data in Ingest Action?

Failed to check broker status

How can I generate a list of users and assigned roles?

How to create exception EventID 8004 - imputs.conf?

How to delete authorization token for non-existent user?

How to create an superpower role that is able to add a restricted list of roles to users?

Universal forwarder to connection with SSL certs?

SPLUNK AWS Add On-Autodiscovered IAM Role

How to Detect C2 Beacon?

How to ingest AWS inspector logs in to Splunk cloud?

Splunk's $SPLUNK_HOME/etc/passwd File syntax and encryption/hashing algorithm

How do I find out what port Splunk is running on?

Streamline Data Ingestion With Deployment Server Essentials

Remediate Threats Faster and Simplify Investigations With Splunk Enterprise Security ...

Introduction to Splunk AI

Splunk CAC Based Authentication

Learning about certificates in appsCA.pem

How to disable verification of audience restrictio...

How to run a search to determine whether an app ha...

How to Customize global banner color and font?