Security

Community Activity

Unable to update email address in my Splunk Account profile Hello Everyone, I'm trying to update a new email address in Splunk.com > Dashboard> My accounts > Update email addre... by Nvijay92 Explorer in Security 07-29-2021 1 8	1	8
CVE-2018-11409 Nessus Scan Trick modify restmap.conf Hello All,Nessus keeps throwing the error that "/en-US/splunkd/__raw/services/server/info/server-info?output_mode=jso... by kballow Observer in Security 07-28-2021 0 0	0	0
Splunk Phantom When trying to change the tenant contact information on Phantom in the multi-tenancy section of Product Settings , I ... by DerrickI54 New Member in Security 07-27-2021 0 0	0	0
Validating the path logs are taking to get to Splunk Hi,I have configured a couple of new hosts to forward Windows logs directly to Splunk cloud rather than going via on ... by cbrissett Engager in Security 07-27-2021 0 1	0	1
Microsoft Azure Add on for Splunk NO authenticationDetail resource type It seems that the authenticationDetail resource type is no longer part of the: Sign-ins - Azure AD sign-ins including... by zschmerber Explorer in Security 07-27-2021 0 1	0	1
Does upgrading version renews default certificates? Hello guys,Do you know if upgrading version automatically renews default certificates like valid or expired server.pe... by splunkreal Motivator in Security 07-22-2021 0 1	0	1
cipherSuite in various .conf files Hi, we know about the cipherSuite option to set and configure the SSL cipher to be used. But since it can be set in ... by lcshared Explorer in Security 07-21-2021 0 8	0	8
ERROR ending mail and configuration settings in email Error sending Email "command="sendemail", [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:741) while sendin... by phanichintha Path Finder in Security 07-19-2021 0 1	0	1
SH Cluster Prevent Config Replication Question - If I wanted to prevent SAML/SSO configurations from replicating to other SHs in a cluster, could I use the... by Sivrat Path Finder in Security 07-19-2021 0 0	0	0
How to configure REST API to use third party TLS certs Is there a way to configure the management port, which is being used to access the REST API, to use the TLS certs we ... by scottj1y Path Finder in Security 07-19-2021 0 3	0	3
Read-Only role/user How to make a read-only user/role? Try to make a new role, but it inherited capabilities from defaults roles. Any sug... by phpguy_80 Loves-to-Learn in Security 07-17-2021 0 5	0	5
User Web page "Account Settings" showing page not found For non admin roles, when I navigate to User Web page "Account Settings" showing page not found. Is there way to allo... by Bhupal Engager in Security 07-15-2021 0 2	0	2
Splunk VPC timestamp issue Hey,I am sure many of you, who have VPC logs on Splunk have came across this issue. Raw Log2 unknown eni-xxxxxxxxxxxx... by General_Talos Path Finder in Security 07-14-2021 0 2	0	2
Sending On-Prem Windows Defender AV DATA to On Splunk How to send On-Prem Windows Defender AV DATA to On Splunk by tarungupta0311 Explorer in Security 07-14-2021 0 5	0	5
Aside from Alerts for Admins& Meta Woot! &MC what other Splunk apps are useful for daily chores & Ransomware monitoring? Am looking for top 5-10 Splunk Apps / TAs to help with daily security checks & Watching for UBA behaviors, Ransomware... by SamHTexas Builder in Security 07-14-2021 0 3	0	3
How to configure Phantom to use LDAP/Active Directory for authentication? I want to configure Phantom to use Active Directory for authentication instead of the built-in authentication mechani... by sam_splunk Splunk Employee in Security 07-14-2021 0 5	0	5
Is the authentication method available in free license? Hi, I wonder if the authentication method available in my Splunk enterprise trial period and will it still be valid ... by dmerlhiot New Member in Security 07-13-2021 0 2	0	2
splunk query Hi,Can anyone help how to solve java stack trace log entries going across multiple splunk timestamps. by kreethu8 New Member in Security 07-12-2021 0 3	0	3
Only Failed Users without Any other Successful attempts Hello Splunkers i want to print events for only the users who has failed login attempts but never allowed attempts.he... by moayadalghamdi Path Finder in Security 07-12-2021 0 13	0	13
How to pass result set from one query to main query I am running a query like this index=main source=transferstatus sourcetype=logs transaction.transferSet.FileName="*m... by madhan_dc New Member in Security 07-10-2021 0 2	0	2
SMBV1 and v1.2 tracking Hi,coming for help again. i am trying to track smb traffic in me network but specifically smbv1 and v1.2 since they a... by japonter Explorer in Security 07-08-2021 0 0	0	0
Splunk CLI returns "Action forbidden" I can query my Splunk instance using CLI with the following command: /opt/splunk/bin/./splunk search 'index=* host=* ... by busyninja Explorer in Security 07-08-2021 0 11	0	11
Distance between two or more Geolocations (Lat, Lon,) I'm have a search that pulls in user login info with lat and lon. I'm trying to calculate the distance between two co... by Bryon_bowman Explorer in Security 07-07-2021 0 4	0	4
Can Splunk increase the security strength of its default SSL certificates for inter-Splunk communication? According to the Splunk documentation the recommendation is to use the default certificates provided by Splunk for in... by sjaworski Communicator in Security 07-07-2021 1 4	1	4
domain account search using csv and event id Hi, i have been looking but cant seem to make much sense of it all.im new to splunk. im trying to create a search and... by japonter Explorer in Security 07-06-2021 0 2	0	2