Security

Start a Conversation

Discussions

Start a Conversation

Thread Info

Restrict access to apps based on role

Hi, I have a question about restricting user/role access to apps. Today I have about 80 apps in my SH. I would li...

by Contributor in

How to restrict access to indexed fields

I would like to restrict access to a specific indexed field. Here's my scenario: events contain usernamesI use ING...

by Contributor in

Missing Logout option - Enterprise license, LDAP Authentication

Currently using LDAP authentication, enterprise license for splunk version 7.3.3 I know there was a similar issue ...

by Engager in

When uploading a data file, why is the progress bar getting stuck at 100% for a non-admin user?

Hi, I'm having an issue uploading files to Splunk as a particular user. When I attempt the upload process, the pro...

by Path Finder in

Splunk apps: How do you resolve certificate verification errors?

I've searched the similar questions and did not find a direct answer. I have a Splunk APP (Code42) that fails becaus...

by Explorer in

Intermediate Certificate

Hi, I'm new to creating self-signed SSL certificates. I've been following the Splunk documentation https://docs.spl...

by New Member in

Effective permission for user in multiple roles

I have users in multiple roles. Some role have higher permission and with access to a list of indexes. How can I view...

by Path Finder in

SSL Error on configuring Splunk forwarding using own certificates

I am trying to setup Splunk forwarding using own certificates. Following is the configuration made. On Indexer (in...

by Explorer in

How to secure Splunk with Multi CA

How to secure Splunk with Multi CAwe are securing the Splunk Platform with ssl, data flow TOP as following, ufwd(su...

by Engager in

2FA authentication

I have seen that there is a way to authenticate using the second factor of authentication through RSA and DUO. But ...

by Builder in

SmartStore: How to encrypt data in-flight with SSL when uploading and downloading to AWS S3?

I am trying to better understand the encryption of data in-flight when sending data up to AWS S3 and pulling it back ...

by Loves-to-Learn in

What should be the proper Unix permissions for files in a locally-written app in $SPLUNK_HOME/etc/apps?

We're installing locally-written Splunk apps via puppet and are curious what the proper permissions for a user-writte...

by Path Finder in

How to tag all events from clients to defined "groups"

Hello I would like to add a tag to our Splunk clients by location. I found how to create eventtypes on the server...

by Path Finder in

Best way to segregate hosts

Dear all, I'm in the process of grouping hosts by location. I would like it to be based on the hostname. The goal...

by Path Finder in

trusted.pem and private.pem in auth/distServerKeys. How are they generated?

As part of an automation activity, we want to connect Search Heads automatically using distsearch.conf as per the gui...

by Super Champion in

In the searchhead GUI only 1000 available search indexes are shown

In Access Management - Role - available search indexes , only 1000 indexes are shown while we have more than 1000 ind...

by Observer in

Splunk linux

Hi Splunkers!I'm actually working on root privilege escalations with linux logs and I have limited experience with it...

by Path Finder in

Splunk Security Essentials onboard data/use case creation

Hi Team, We are trying to get data on boarded to splunk security essentials. We do not have a clear visibility t...

by Path Finder in

Unable to access the index

I have created a role and provided the access to indexes for a user. However the user can not search on the index. Ot...

by Path Finder in

Splunk Admin Password

I have renamed passwd.bkg to passwd and restart splunk but still not able to reset my password using admin and change...

by New Member in

Top Labels

access control 112
audit 54
authentication 141
encryption 52
LDAP 38
login 78
other 266
permissions 87
SAML 42
SSL 117
SSO 36

Get Updates on the Splunk Community!

Security

Discussions

Restrict access to apps based on role

How to restrict access to indexed fields

Missing Logout option - Enterprise license, LDAP Authentication

When uploading a data file, why is the progress bar getting stuck at 100% for a non-admin user?

Splunk apps: How do you resolve certificate verification errors?

Intermediate Certificate

Effective permission for user in multiple roles

SSL Error on configuring Splunk forwarding using own certificates

How to secure Splunk with Multi CA

2FA authentication

SmartStore: How to encrypt data in-flight with SSL when uploading and downloading to AWS S3?

What should be the proper Unix permissions for files in a locally-written app in $SPLUNK_HOME/etc/apps?

How to tag all events from clients to defined "groups"

Best way to segregate hosts

trusted.pem and private.pem in auth/distServerKeys. How are they generated?

In the searchhead GUI only 1000 available search indexes are shown

Splunk linux

Splunk Security Essentials onboard data/use case creation

Unable to access the index

Splunk Admin Password

Introducing Edge Processor: Next Gen Data Transformation

Take the 2021 Splunk Career Survey for $50 in Amazon Cash

Using Machine Learning for Hunting Security Threats

Recon scanner ip's Use case ?

SSL Certificate invalid: How to send data from sal...

Is it possible to create a role, that cannot execu...

Scanning Splunk data for secret leaking?

Using SSL with connection between forwarders and A...