Security

Community Activity

Limit View of Navigation Menu Hi,Is there a way to limit or restrict the view of our custom "Navigation Menu" . Like we want to hide some reports f... by aquinojason Path Finder in Security 06-03-2021 0 1	0	1
Splunk Enterprise Security - Notable limit Hi all,I have Splunk ES, with a bunch of rules.The issue is that correlation rules generate notables for each result,... by astatrial Contributor in Security 05-31-2021 0 0	0	0
Creating HEC token for clustered environment Hi All, We have a clustered environment where we want to enable and add HEC on Heavy Forwarder but I am not able to f... by payl_chdhry Path Finder in Security 05-31-2021 0 2	0	2
How do you prevent a Splunk Enterprise receiver from receiving unauthorized data? I am working on a proof of concept but I am failing to see where security comes in regarding forwarders and receivers... by kunou126 Engager in Security 05-31-2021 1 3	1	3
Reg. Ransomware. In addition to Security Essentials what other steps do I need to take to protect using Splunk? Reg. Ransomware. In addition to Security Essentials what other steps do I need to take to protect using Splunk. How d... by SamHTexas Builder in Security 05-28-2021 0 0	0	0
Difference between cacert.pem ca.pem server.pem Hello guys,is there documentation somewhere explaining roles of default certificates, especially cacert.pem/ca.pem :c... by splunkreal Motivator in Security 05-28-2021 0 4	0	4
cacert.pem - Why does Splunk need it to start? Quick details: We are running Splunk 6.4.2 on Windows 2k8 as a standalone deployment. We are using third part certs... by ebdavis New Member in Security 05-28-2021 0 2	0	2
Why am I unable to browse for more apps? Dear Friends. Please help me, I am new to Splunk. I cannot browse for More Apps. when i click on "Find more Apps"... by fazilhussain Explorer in Security 05-25-2021 0 4	0	4
User Browser extract Issue H Team I tried the below command , but the output is incorrect where all the count are showing under other instead . ... by jaibalaraman Path Finder in Security 05-23-2021 0 1	0	1
Several User groups cannot access indexes they have been whitelisted for in authorize.conf I have several groups with access to the same index. In authorize.conf these groups all either have access to wildcar... by gharri27 New Member in Security 05-21-2021 0 0	0	0
Can't contact LDAP Server (-1) Reason - ber_get_next failed Currently LDAP authentication is configured through an app on search heads and managed via deployment server. However... by dm1 Contributor in Security 05-20-2021 0 0	0	0
useSSL doesn't seem to work in 8.0.2.1 I am trying to set up my forwarders to use SSL without having to use the built in client certs on version 8.0.2.1. It... by agitelzon Explorer in Security 05-19-2021 0 1	0	1
Splunk and CyberArk vault Greetings:I inherited a splunk instance. We use CyberArk to manage our passwords Web GUI and CLI. Here is my prob... by jcorcoran508 Path Finder in Security 05-15-2021 0 1	0	1
Splunk web restriction Hello Splunkers,Is there a way to restrict web-ui access ? Users shoud not be able to view any options/menus to choos... by garumuga New Member in Security 05-14-2021 0 3	0	3
splunk query Hi Can someone help me with the query for the below requirmenti have User A, User B, User C and so onn with the job s... by Nith1 Path Finder in Security 05-13-2021 0 3	0	3
Http Event Collector C# not working There is the sameple snippet found online: var middleware = new HttpEventCollectorResendMiddleware(100); var ecSende... by johnchen0213 New Member in Security 05-11-2021 0 2	0	2
Splunk Security Essentials - data available Hi all, I have the Splunk Security Essentials app installed and configured.I am trying to understand how the app dete... by astatrial Contributor in Security 05-10-2021 0 0	0	0
Monitor mssql logs Hi all,I would like to ask if is possible to monitor mssql transcript logs(DROP, CREATE) without using any apps? by Ning Engager in Security 05-10-2021 0 0	0	0
What are the ways to create AWS asset DB in splunk cloud? please suggest multiple approaches that you come across We totally have 150+ account that we are currently wanted to create an asset DB to integrate with threat intel. pleas... by archestain Explorer in Security 05-07-2021 0 0	0	0
Indexer forwarder ssl communication CRL not used Hi guys.I have a problem with certificate revocation on Splunk forwarder.Description:There are 3 VM with Red Hat:Cert... by Roman_Micek Engager in Security 05-04-2021 0 2	0	2
Unable to update apps via "install app from file" or "update" Hi, I am trying to update a app in our splunk environment, when i click on "install app from file" it gives a 500 err... by SS1 Path Finder in Security 05-03-2021 0 2	0	2
Monitor TCP port 80 in a PC (HOME) I am new to Splunk and I am going to create data input of monitoring TCP packet to/from my laptopI have already insta... by a1697115 New Member in Security 05-03-2021 0 1	0	1
server.conf crossOriginSharingPolicy url format I'm trying to set up some HTTP Origins for which to return Access-Control-Allow-* (CORS) headers. According to the Sp... by BernardEAI Communicator in Security 04-30-2021 0 1	0	1
Receiving Data on Splunk Server I am unable to receive data from the forwarder to the server However I have added the serveron server I gotnetstat -... by AmyShah Loves-to-Learn in Security 04-29-2021 0 1	0	1
Disable URL https://splunk:port/en-US/account/login?loginType=splunk Is there a way to allow the Splunk login only for the authtype!=Splunk. I know that I have to specify authtype=SAML o... by mielkea Engager in Security 04-28-2021 0 1	0	1