Security

Community Activity

How to get session key / auth token for mod input script Hi,I'm currently trying to get the auth token that can be used for rest apis without exposing my password. Since it i... by jimmycmfu New Member in Security 07-30-2021 0 0	0	0
Anyway to see X-Forwarded-For in Splunk access logs? I'm looking to implement some brute force login attempt detection/mitigation for a Splunk cluster. Splunkweb in this ... by jimcroft Explorer in Security 07-29-2021 1 14	1	14
SSL Error preventing upgrade to Splunk 8 Context: Windows 10 Pro Splunk 7.3.4 What? Trying to upgrade to Splunk 8.0.1. Half way during the upgrade the instal... by csyvenky Path Finder in Security 07-29-2021 1 2	1	2
Update/Correct email address I know email field is not editable but shouldn't there be an option to update email address. And if its there for som... by priyankak10 New Member in Security 07-29-2021 0 2	0	2
Unable to update email address in my Splunk Account profile Hello Everyone, I'm trying to update a new email address in Splunk.com > Dashboard> My accounts > Update email addre... by Nvijay92 Explorer in Security 07-29-2021 1 8	1	8
CVE-2018-11409 Nessus Scan Trick modify restmap.conf Hello All,Nessus keeps throwing the error that "/en-US/splunkd/__raw/services/server/info/server-info?output_mode=jso... by kballow Observer in Security 07-28-2021 0 0	0	0
Splunk Phantom When trying to change the tenant contact information on Phantom in the multi-tenancy section of Product Settings , I ... by DerrickI54 New Member in Security 07-27-2021 0 0	0	0
Validating the path logs are taking to get to Splunk Hi,I have configured a couple of new hosts to forward Windows logs directly to Splunk cloud rather than going via on ... by cbrissett Engager in Security 07-27-2021 0 1	0	1
Microsoft Azure Add on for Splunk NO authenticationDetail resource type It seems that the authenticationDetail resource type is no longer part of the: Sign-ins - Azure AD sign-ins including... by zschmerber Explorer in Security 07-27-2021 0 1	0	1
Does upgrading version renews default certificates? Hello guys,Do you know if upgrading version automatically renews default certificates like valid or expired server.pe... by splunkreal Influencer in Security 07-22-2021 0 1	0	1
cipherSuite in various .conf files Hi, we know about the cipherSuite option to set and configure the SSL cipher to be used. But since it can be set in ... by lcshared Explorer in Security 07-21-2021 0 8	0	8
ERROR ending mail and configuration settings in email Error sending Email "command="sendemail", [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:741) while sendin... by phanichintha Path Finder in Security 07-19-2021 0 1	0	1
SH Cluster Prevent Config Replication Question - If I wanted to prevent SAML/SSO configurations from replicating to other SHs in a cluster, could I use the... by Sivrat Path Finder in Security 07-19-2021 0 0	0	0
How to configure REST API to use third party TLS certs Is there a way to configure the management port, which is being used to access the REST API, to use the TLS certs we ... by scottj1y Path Finder in Security 07-19-2021 0 3	0	3
Read-Only role/user How to make a read-only user/role? Try to make a new role, but it inherited capabilities from defaults roles. Any sug... by phpguy_80 Loves-to-Learn in Security 07-17-2021 0 5	0	5
User Web page "Account Settings" showing page not found For non admin roles, when I navigate to User Web page "Account Settings" showing page not found. Is there way to allo... by Bhupal Engager in Security 07-15-2021 0 2	0	2
Splunk VPC timestamp issue Hey,I am sure many of you, who have VPC logs on Splunk have came across this issue. Raw Log2 unknown eni-xxxxxxxxxxxx... by General_Talos Path Finder in Security 07-14-2021 0 2	0	2
Sending On-Prem Windows Defender AV DATA to On Splunk How to send On-Prem Windows Defender AV DATA to On Splunk by tarungupta0311 Explorer in Security 07-14-2021 0 5	0	5
Aside from Alerts for Admins& Meta Woot! &MC what other Splunk apps are useful for daily chores & Ransomware monitoring? Am looking for top 5-10 Splunk Apps / TAs to help with daily security checks & Watching for UBA behaviors, Ransomware... by SamHTexas Builder in Security 07-14-2021 0 3	0	3
How to configure Phantom to use LDAP/Active Directory for authentication? I want to configure Phantom to use Active Directory for authentication instead of the built-in authentication mechani... by sam_splunk Splunk Employee in Security 07-14-2021 0 5	0	5
Is the authentication method available in free license? Hi, I wonder if the authentication method available in my Splunk enterprise trial period and will it still be valid ... by dmerlhiot New Member in Security 07-13-2021 0 2	0	2
splunk query Hi,Can anyone help how to solve java stack trace log entries going across multiple splunk timestamps. by kreethu8 New Member in Security 07-12-2021 0 3	0	3
Only Failed Users without Any other Successful attempts Hello Splunkers i want to print events for only the users who has failed login attempts but never allowed attempts.he... by moayadalghamdi Path Finder in Security 07-12-2021 0 13	0	13
How to pass result set from one query to main query I am running a query like this index=main source=transferstatus sourcetype=logs transaction.transferSet.FileName="*m... by madhan_dc New Member in Security 07-10-2021 0 2	0	2
SMBV1 and v1.2 tracking Hi,coming for help again. i am trying to track smb traffic in me network but specifically smbv1 and v1.2 since they a... by japonter Explorer in Security 07-08-2021 0 0	0	0