Security

Community Activity

AOC for Splunk Auditors are looking for updated AOC for Splunk. Where can we find this document from Splunk? by patelDip New Member in Security 09-14-2021 0 0	0	0
Restore a recently deleted user Hi!,I have recently deleted an user. I should not have done that....Can I restore it?If anyone has any ideas I'd appr... by repplikaFK Engager in Security 09-14-2021 0 2	0	2
Correlation rule Hey splunkers, How can I correlate rules in Splunk from 2 data sources? The events for example:OKTA - privilege grant... by or1515 Loves-to-Learn Everything in Security 09-11-2021 0 10	0	10
How do I create a new field? Hey splunkers,How do I create a new field in splunk? If I have a windows security log with "User" field and I want to... by or1515 Loves-to-Learn Everything in Security 09-09-2021 0 3	0	3
Detecting Login Attempts both Successful and Not, that come from Outside of the United States Hello Splunkers! I wanted to ask if anyone out there has some SPL that I can use as an alert to detect failed an... by itsmevic Communicator in Security 09-07-2021 0 1	0	1
Experiences with App Deployment on Splunk Cloud We currently operate on-prem and are considering moving to Splunk Cloud.A potential blocker is the manual process req... by jonaclough Path Finder in Security 09-06-2021 0 1	0	1
What are methods to encript password under deployments-apps Hi,I am configuring SSL encryption b/w agent and indexer/deployment server. But passwords placed under deployment-app... by Pradeep Observer in Security 09-03-2021 0 0	0	0
DBconnect accessing SQL Diagnostic Manager every 30mins We are using DBconnect with JTDS driver. When we enabling the connection in DBconnect we are seeing the below script ... by vin_ven27 Explorer in Security 09-02-2021 0 0	0	0
Status code=responder, SSO disabled Running Splunk Enterprise 8.0.0 on an internal network.I went away on vacation for a few weeks with Splunk working fi... by pl2345 Path Finder in Security 09-02-2021 1 4	1	4
Tuning ES to environment How are you tuning ES to your environment? Are you overwriting the correlation searches that ship with ES or are you ... by wgawhh5hbnht Communicator in Security 08-31-2021 0 1	0	1
Unable to connect to splunk enterprise AMI with default username and password Hi y’all. I recently installed splunk enterprise AMI instance in EC2. Unfortunately, I am unable to access with the d... by priyakvs New Member in Security 08-27-2021 0 0	0	0
How can I set up LDAP for all my Splunk servers at one time? How can I set up LDAP for all my Splunk servers at one time? Am I going to have to set this up individually on each ... by cajunitalian Engager in Security 08-27-2021 1 4	1	4
Is there any way to unhash a hashed BindDN password Let's say I needed to restore the password. How hard would it be to do that? by bfaber Communicator in Security 08-26-2021 0 8	0	8
SplunkWeb fails to start - timeout when binding to port The problem: When trying to start splunk, splunkweb errors out (supposedly on binding to the port, but I am skeptica... by crazygir Explorer in Security 08-23-2021 3 9	3	9
Can't connect to http://myserver:8000 on fresh install CentOS7 I've just installed latest splunk on a fresh minimal CentOS 7 installation. Installation process showed no warnings... by amanogue New Member in Security 08-23-2021 0 4	0	4
How do I safely store passwords in my splunk app? App Inspect returns a manual check that declares "Check that no plain text authorization credentials are stored in th... by dnguyen_splunk Splunk Employee in Security 08-23-2021 1 3	1	3
Basic security function of delete account missing Hi,The basic function of delete my account is missing.Which ultimately leads me to abundaunning of my account. by Splkmap New Member in Security 08-23-2021 0 3	0	3
How to update Email Address in Splunk profie HI Team,I need to add my company email address to my SplunK profile.I want to update it with my professional email ID... by VinKadam New Member in Security 08-23-2021 0 2	0	2
prompt for admin user name "Your session is invalid. Please login" How to avoid that? Hello, When certain splunk administration commands are executed (eg, offline) sometimes on some servers i get promt ... by sim_tcr Communicator in Security 08-19-2021 0 4	0	4
detect web application vulnerabilities hiI want to detect web vulnerabilities for example "XSS" or " SQLI" with splunk. for this target i collect apache log... by szone Engager in Security 08-17-2021 0 2	0	2
SMTP configuration in backend How to update SMTP credentials in the backend config. in which config file we should update. Do we need to encrypt th... by syedabuthahir Explorer in Security 08-15-2021 0 3	0	3
SOC Dashboard I am new to the SOC environment. I was tasked to create a personal dashboard. What items/data should I put into the d... by Sharlann Engager in Security 08-15-2021 0 2	0	2
How to allow TLSv1.1 with AES256-SHA in HEC with Splunk 8? Splunk 8's HEC defaults to TLSv1.2 only. But I have a need to allow TLSv1.1 with AES256-SHA in order for puppetserve... by yuanliu SplunkTrust in Security 08-14-2021 0 1	0	1
Using Auth0 for SAML I've created this guide about Integrating Splunk with Auth0 for SAML authentication http://isbyr.com/configure-splunk... by ilyaresh Path Finder in Security 08-13-2021 0 3	0	3
Splunk could not update permissions for resource data/transforms/lookups I tried to change in permissions from private to Global of lookup table and definition- and automatic lookups- in 2 i... by joy76 Path Finder in Security 08-13-2021 6 9	6	9