Security

Community Activity

Please help me to find the following Addon's and Apps are impacted with log4j or Not ? Hi Splunkers  , The vulnerability was disclosed by the Apache Log4j project on Thursday, December 9, 2021. If exploi... by harishalipaka Motivator in Security 12-14-2021 0 1	0	1
CVE-2021-44228 Splunk Enterprise (on-prem) is reported as having a hotfix for this CVE 8.2.3.2, but I am unable to locate the hotfix... by dconverse New Member in Security 12-13-2021 0 1	0	1
Need help in extraction index=* host=* rule=corp_deny_all_to_untrust NOT dest_port=4242 \| table src_ip dest_ip transport dest_port applicatio... by neeltiwari Observer in Security 12-13-2021 0 3	0	3
Splunk for kafka connect I am using splunk connector for kafka. https://github.com/splunk/kafka-connect-splunk/releases https://splunkbase.sp... by dsindatry New Member in Security 12-13-2021 0 0	0	0
Splunk instances will not connect to HTTP port After installing SSL certificates and changing the default Splunk web port to 443, I receive the following error: Ch... by jonesnadiam Path Finder in Security 12-13-2021 2 17	2	17
Top 10 Failed Login Im new to splunk , I created 15 users and had failed login attempts on some of them.how can i find the first 10 faile... by sittingonion Observer in Security 12-09-2021 0 2	0	2
Why is the Netflow stream not listening on the defined port? I'm struggling to get the Splunk Stream Forwarder to listen on the port that I have configured to receive sFlow packe... by jamessinton New Member in Security 12-07-2021 0 3	0	3
How to mask a bank detail from JSON logs Hi,We are ingesting some logs into splunk in JSON format, the logs are ingested via TA.The value field in the below c... by VijaySrrie Builder in Security 12-07-2021 0 1	0	1
All Index logs display by Stats by Date Hello All,Need an search query where i can see all the index logs by \|stats by count, date, index. Tried the below se... by mailmetoramu Explorer in Security 12-06-2021 0 3	0	3
Limit access to index by Role without breaking other roles I have user A that is getting 3 different roles. Normally this isn't an issue, but one of those roles has a restricte... by cboillot Contributor in Security 12-06-2021 0 5	0	5
Splunk Alert on specific phrase I have an alert set up to run every hour to look for any latency of :45 minutes. If over that send a "Please Investig... by babcolee Path Finder in Security 12-02-2021 0 3	0	3
Splunk port issue Hello SPlunkers!!I have upgraded my HF from 8.0.0 to 8.1.2, while upgradation everything is working fine. But the iss... by uagraw01 Motivator in Security 12-01-2021 0 4	0	4
How do I get the current logged in username in Splunk? How do I get the current username from Splunk? Por exemplo, eu entrei como Obama, dai queria resgatar o nome Obama. (... by renanprado96 Path Finder in Security 12-01-2021 1 15	1	15
Accidently removed permissions from only admin account Hello, I recently messed up the permissions for the only account in my testing environment instance. I no longer have... by jmadsen1 Explorer in Security 12-01-2021 0 2	0	2
Using an HTTP Event Collector, How do I enable SSL certificate validation using Splunk logging for .net? Splunk logging for .NET can't connect to my Splunk enterprise using Http Event Collector. Other than disable SSL, Ho... by ajames12 Engager in Security 11-26-2021 1 1	1	1
AzureAD SSO - Reply URL does not match I am trying to set up SSO with Splunk and AzureAD. I have used these guides: https://docs.splunk.com/Documentation/Sp... by mattiashenrikss Engager in Security 11-23-2021 0 3	0	3
Update BindDNpassword on deployer in authentication.conf Hello guys, how to correctly update and deploy new LDAP password please, is procedure below accurate? update bindDN,... by splunkreal Influencer in Security 11-23-2021 0 1	0	1
HEC _raw sourcetype Hi, I have a raw HEC set up as follows (no sourcetype set): [http://aiwa_request_input] disabled = 0 index = test i... by apider Explorer in Security 11-18-2021 0 2	0	2
Adding new email address to Splunk Profile I need to add my company email address to my SplunK profile. The current profile only consists my personal email addr... by devanjanghosh New Member in Security 11-18-2021 0 7	0	7
Need to setup splunk lab in vm Hi,Can anyone guide me to setup Splunk lab in VM. I am very much passionate to learn splunk. but getting failed in se... by shrikanthmn2020 Observer in Security 11-18-2021 0 1	0	1
Cron Expression for scheduled Alert Hi Please help me to build cron expression. thanks in advanceAlert runs Every 15min from 8am to 18pm, EverydayAlert r... by jackin Path Finder in Security 11-17-2021 0 2	0	2
Storing encrypted credentials and retrieving them So I've been looking at this blog post from 10 years ago:https://www.splunk.com/en_us/blog/security/storing-encrypted... by Betelgeuse Engager in Security 11-17-2021 1 2	1	2
Zoom Logging - Firewall Question Hi, I'm following the zoom logging instructions and have everything configured. I'm ready to put in the exception fo... by tiaatim Path Finder in Security 11-16-2021 0 1	0	1
Data Model Authentication sucessful splunk query alerts Please I need help with a detailed splunk Data accelerated data model authentication query for sucessful login aler... by ngwodo Path Finder in Security 11-15-2021 0 0	0	0
Inadvertently edited 4000+ ES notable events - please help me undo them Hello folks!That is my first post here and I hope you guys help me with my issue.I have inadvertently selected 4000+ ... by DanAlexander Communicator in Security 11-15-2021 0 2	0	2