Security

Community Activity

Setting requireClientCert = true in server.conf prevents the CLI from communicating with splunkd In server.conf.spec, it is indicated that requireClientCert = true can be set to require HTTPS clients connecting to ... by hexx Splunk Employee in Security 02-03-2025 2 8	2	8
Using SSL with connection between forwarders and AWS ACM (certificate MAanger) Hi, We have a set of indexers with no public IPs behind AWS NLB We would like to use AWS certificates that terminate ... by aamer86 Path Finder in Security 02-03-2025 0 7	0	7
complex conditional search Hey Splunkers, I'm trying to create a conditional search that will run on the same index but will have different sear... by intosplunk Engager in Security 01-30-2025 0 2	0	2
Migrating Splunk Enterprise from RHEL to Windows Hi, Yes, you read it right. One of my small lab is planning to migrate their Splunk deployment from RHEL to Windows. ... by jkamdar Communicator in Security 01-27-2025 0 5	0	5
Does Iframe of a report expire after a user leaves the organization? Hey, so my company is working on creating a visual in SharePoint by integrating Iframes from report. This is working ... by meetpatel2441 New Member in Security 01-13-2025 0 2	0	2
How to download my exam scorecard and obtained marks certification scorecard? Hi, Does anyone help me to download my exam scorecard and obtained marks.I have recently passed my splunk power user ... by karthick_03 Explorer in Security 01-11-2025 0 4	0	4
How to configure Splunk error pages / messages (like 404 not found)? Hi all, I use the web.conf file to configure login messages, ... Is it a similar method to configure error pages (lik... by fto Explorer in Security 01-07-2025 1 7	1	7
Certifications score From where we can see the actual score of any Splunk exam. Because from Splunk website we can only get certification ... by Devansh9401 Engager in Security 01-04-2025 0 2	0	2
using search results as variable in another search so i have search a which creates a variable from the search results (variableA) i need to search another index using ... by darkins Engager in Security 12-15-2024 0 5	0	5
browser name extraction from user agent Hello Everyone,I am trying to extract the unique browser name along with its count from the list of user agents(attac... by super_edition Path Finder in Security 12-11-2024 0 3	0	3
I am trying to use auth0 as an IDp for Splunk and I get the "Saml response does not contain group information." error, any help is greatly appreciated. I think this is a sample snip of the auth0 xml response but there is no attribute to use that has group information (... by ghlogger Explorer in Security 12-08-2024 1 5	1	5
Splunk installed failed to create splunk account on RHEL Dear experts, I installed splunk on the rhel servers. Majority of the time it works fine. But for this one server, wh... by ryu8450 New Member in Security 12-03-2024 0 6	0	6
Synchronizing the passwd file between Splunk servers with a shared splunk.secret My goal is to update the Splunk admin password across newly configured instances using the same password. These serve... by dflodstrom Builder in Security 11-27-2024 0 5	0	5
index Hello I want to see all indexes latest data time. like when did the latest data came to this index. by Siddharthnegi Contributor in Security 11-25-2024 0 1	0	1
Help on Correlation search scheduling Hello,I am currently building correlation searches in ES and I am running into a "searches delayed" issue. some of my... by ajmach343 Explorer in Security 11-25-2024 0 2	0	2
Locked account HI , I have a user let say USER1 , his account is getting locked everyday , I searched his username on splunk and eve... by Siddharthnegi Contributor in Security 11-25-2024 0 2	0	2
Gettting 404 error while trying to create an access token using curl command curl command : curl -k -u admin:Password -X POST http://127.0.0.1:8000/en-US/services/authorization/tokens?output_m... by prashanthvp Engager in Security 11-23-2024 0 2	0	2
Account keeps getting locked out I have an employee who keeps getting locked out. I wanted to know how to put a script in to find out which device is ... by jovnice Path Finder in Security 11-20-2024 0 23	0	23
Dispatch_rest_to_indexers Hi All,I have a question. What exactly 'Dispatch_rest_to_indexers' mean ?I am getting warning when running rest comma... by Poojitha Communicator in Security 11-13-2024 0 5	0	5
Cannot connect master. Hi, Im receiving an error in my CM when I go to input ./splunk edit cluster-config -mode slave -master_uri http://ur... by jan Loves-to-Learn in Security 11-11-2024 0 2	0	2
How to configure Splunk Mgm Port 8089 SSL certificate? Hello, we run an Indexer that functions as deployment server as well. I have already configured it to use our CA-Cert... by dsfyxcasdcertzu Explorer in Security 11-05-2024 0 4	0	4
monitoring workstation domains from active directory We have 500 domain workstations, and we have installed Splunk Universal Forwarders (UF) on the Active Directory serve... by hazem Path Finder in Security 11-04-2024 0 7	0	7
collect DNS logs Hello,How to collect DNS logs from Active Directory where the domain controllers have a DNS role by hazem Path Finder in Security 11-03-2024 0 4	0	4
Parameters must be in the form '-parameter value' error when trying to sign certificate. Does anyone have an idea on why I am returning the following error: Parameters must be in the form '-parameter value'... by CaptainHook Communicator in Security 11-01-2024 0 11	0	11
How to remove users from Splunk registered by SAML? Hi everyone, I need to remover users that leave the company. I´ve already remove them from company AD, but the remain... by Clecimar Explorer in Security 10-29-2024 1 10	1	10