Security

Community Activity

Splunk port issue Hello SPlunkers!!I have upgraded my HF from 8.0.0 to 8.1.2, while upgradation everything is working fine. But the iss... by uagraw01 Motivator in Security 12-01-2021 0 4	0	4
How do I get the current logged in username in Splunk? How do I get the current username from Splunk? Por exemplo, eu entrei como Obama, dai queria resgatar o nome Obama. (... by renanprado96 Path Finder in Security 12-01-2021 1 15	1	15
Accidently removed permissions from only admin account Hello, I recently messed up the permissions for the only account in my testing environment instance. I no longer have... by jmadsen1 Explorer in Security 12-01-2021 0 2	0	2
Using an HTTP Event Collector, How do I enable SSL certificate validation using Splunk logging for .net? Splunk logging for .NET can't connect to my Splunk enterprise using Http Event Collector. Other than disable SSL, Ho... by ajames12 Engager in Security 11-26-2021 1 1	1	1
AzureAD SSO - Reply URL does not match I am trying to set up SSO with Splunk and AzureAD. I have used these guides: https://docs.splunk.com/Documentation/Sp... by mattiashenrikss Engager in Security 11-23-2021 0 3	0	3
Update BindDNpassword on deployer in authentication.conf Hello guys, how to correctly update and deploy new LDAP password please, is procedure below accurate? update bindDN,... by splunkreal Motivator in Security 11-23-2021 0 1	0	1
HEC _raw sourcetype Hi, I have a raw HEC set up as follows (no sourcetype set): [http://aiwa_request_input] disabled = 0 index = test i... by apider Explorer in Security 11-18-2021 0 2	0	2
Adding new email address to Splunk Profile I need to add my company email address to my SplunK profile. The current profile only consists my personal email addr... by devanjanghosh New Member in Security 11-18-2021 0 7	0	7
Need to setup splunk lab in vm Hi,Can anyone guide me to setup Splunk lab in VM. I am very much passionate to learn splunk. but getting failed in se... by shrikanthmn2020 Observer in Security 11-18-2021 0 1	0	1
Cron Expression for scheduled Alert Hi Please help me to build cron expression. thanks in advanceAlert runs Every 15min from 8am to 18pm, EverydayAlert r... by jackin Path Finder in Security 11-17-2021 0 2	0	2
Storing encrypted credentials and retrieving them So I've been looking at this blog post from 10 years ago:https://www.splunk.com/en_us/blog/security/storing-encrypted... by Betelgeuse Engager in Security 11-17-2021 1 2	1	2
Zoom Logging - Firewall Question Hi, I'm following the zoom logging instructions and have everything configured. I'm ready to put in the exception fo... by tiaatim Path Finder in Security 11-16-2021 0 1	0	1
Data Model Authentication sucessful splunk query alerts Please I need help with a detailed splunk Data accelerated data model authentication query for sucessful login aler... by ngwodo Path Finder in Security 11-15-2021 0 0	0	0
Inadvertently edited 4000+ ES notable events - please help me undo them Hello folks!That is my first post here and I hope you guys help me with my issue.I have inadvertently selected 4000+ ... by DanAlexander Communicator in Security 11-15-2021 0 2	0	2
Permissions to delete searches in Splunk 6.1.1 Recently we upgraded to 6.1.1 and I've noticed that users with admin access no longer can delete searches. What per... by adylent Path Finder in Security 11-11-2021 1 5	1	5
Audit windows group policy change Hey all,a bit Microsoft question....We do want to monitor windows Group Policy changes in our Domain. We have install... by omershira Explorer in Security 11-11-2021 0 0	0	0
Splunk Heavy Forwarder and Java I have a request that the version of Java on the HFs need to be updated, or have Java removed.Is Java needed to the f... by nbrazier21 Engager in Security 11-10-2021 0 1	0	1
Mikrotik APP and ES Hifor getting mikrotik logs in splunk i use mikrotik app.i have a problem with show mikrotik events in splunk Enterpr... by ashkanarjmand New Member in Security 11-09-2021 0 2	0	2
Splunk vulnerabilities Hello,till few weeks ago we were using site https://www.splunk.com/page/securityportal to check for Splunk vulnerabil... by romanmikita Observer in Security 11-08-2021 0 1	0	1
Excessive Failed login alert Investigation. How will i use Splunk to investigate an Excessive Failed login alert and what are things to look for?Thanks, by BUSAKIN Explorer in Security 11-07-2021 0 3	0	3
Create saved search via javascript, for user that does not have saved search create rights Our app has a functionality where users can create alerts for specific events. Unfortunately the users do not have ... by BernardEAI Communicator in Security 11-03-2021 0 1	0	1
configure CA issued certificate on splunkd port 8089 and web port 8443 on SH cluster We have a requirement to configure splunk with the CA issued certificates.We are running Splunk 8.2.2.1.In test envir... by patelmc Explorer in Security 11-01-2021 1 0	1	0
Search to detect XSS attacks Hello,I have made a search/query to detect the attacks of XSS the problem I have is that it also shows valid requests... by JB2021 New Member in Security 10-28-2021 0 0	0	0
Is there a way to audit who has modified the searchable retention period for the various indexes in Splunk cloud We found that the searchable events for our wineventlog only goes back about 4 months but the searchable retention i... by Ichan Loves-to-Learn Everything in Security 10-27-2021 0 1	0	1
Splunk SSO for Login UI Hi, This is request you to kindly provide us the configuration for Splunk login UI SSO to authenticate with Google ac... by santysanthoshs Observer in Security 10-26-2021 0 0	0	0