Security

Community Activity

Issue pushing config updates on SHC I am experiencing an issue when I have made updates to the apps on the deployer for a search head cluster and trying ... by jeffbat Path Finder in Security 05-12-2020 0 0	0	0
Receiving charset warning Hello, I got a warning: “UTF8Processor - Using charset UTF-16LE, as the monitor is believed over the raw text which ... by usenetim Loves-to-Learn Lots in Security 05-12-2020 0 0	0	0
How to configure certificate on port 8089? InfoSec requires us to use a cert signed by them. I got the cert signed and setup in web.conf (See below).. I had the... by skoelpin SplunkTrust in Security 05-11-2020 0 8	0	8
users using outside VPN access Can't access splunk Web GUI? Greetings!Why users using outside VPN access Can't access splunk Web GUI? Where to check and how to fix this issue?Th... by pacifikn Communicator in Security 05-08-2020 0 2	0	2
Palo Alto Globalprotect / VPN Dashboards? With everyone working remotely nowadays, does anyone want to share their content on what a good PAN Global Protect da... by TheSplunkDude Explorer in Security 05-07-2020 1 9	1	9
how to implement ssl in outputs.conf More than 70% of forwarding destinations have failed. Ensure your hosts and ports in outputs.conf are correct. Also e... by seandavisnocti New Member in Security 05-07-2020 0 2	0	2
Will vulnerabilities disappear if management port 8089 is disabled on universal forwarders? Getting these vulnerabilities on a my splunkforwarders all on port 8089. To resolve the certificate issue I have a pa... by basketballah21 Engager in Security 05-06-2020 0 1	0	1
Restrict index to only accept data from specific forwarder in multi tenant environment Is it possible to restrict indexes to accept data from specific forwarder/subnets in a multi tenant clustered environ... by jjmarks81 Engager in Security 05-06-2020 1 1	1	1
Cannot figure out SSL configuration beween Indexer and Forwarders (7.3.4) I have followed all of Splunk's documentation to be able to use certificates signed by a local Certificate Authority ... by ricotries Communicator in Security 05-06-2020 0 0	0	0
Help needed with the user/password logon Hello, I have really urgent issue:- We use LDAP authentication in our instance, it worked fine for quite long. Now, t... by damucka Builder in Security 05-06-2020 0 5	0	5
SAML signature validation: "unable to get local issuer certificate" with self-signed certificate If have configured SAML authentication on Splunk. This works correctly with our ADFS TEST environment. Now when I plu... by matthieuch New Member in Security 05-05-2020 0 4	0	4
Delete old SAML users on SHCluster Hi there, I try to delete old SAML users on a SHCluster with Splunk 7.1.4.I followed instructions here https://answer... by francoisternois Path Finder in Security 05-04-2020 0 0	0	0
Unable to login into splunk I don't know what is wrong by ohhhvictor Path Finder in Security 05-03-2020 0 7	0	7
App Admins cannot view sourcetypes through settings menu Splunk 8.0.2.1 We have deployed a search head cluster and are experiencing an issue where Admin users of a specific A... by jjmarks81 Engager in Security 05-01-2020 0 0	0	0
Detect /list Active VPN sessions Frm F5 VPN logs, i can easily determine the VPN duration by using transaction command. The working query for me is : ... by riqbal47010 Path Finder in Security 04-27-2020 0 3	0	3
Splunk API comparison to btool command I am using Splunk version 7.3.2. I am trying to find the runtime input configuration on a Splunk heavy forwarder usin... by rohitmaheshwari Explorer in Security 04-23-2020 0 4	0	4
How to delete a private orphaned search of a user? Hi, I created an alert for monitoring orphaned enabled searches . It is getting saved searches for private searches o... by nishantskhsbc Explorer in Security 04-23-2020 0 1	0	1
Removing stale pid file... Can't unlink pid file "/opt/splunk/var/run/splunk/splunkd.pid": Permission denied Hello, I think there is a permission issue after my Linux system admin changed access to a directory.Now my SH stoppe... by vnguyen46 Contributor in Security 04-22-2020 0 3	0	3
Splunk Web not accessible via https We had provided created certificates and provided all information in web.conf[settings]enableSplunkWebSSL = 1privKeyP... by abhijitnath89ax Loves-to-Learn in Security 04-22-2020 0 7	0	7
What is the configuration required to create a view-only role? I want to create a role where the user is not able to search Splunk. They should only be able to view dashboards that... by the_wolverine Champion in Security 04-21-2020 2 2	2	2
Securely restrict access to index Is there any way in Splunk to allow an app which creates an index be the only app that's allowed to change permission... by frenchy198588 New Member in Security 04-21-2020 0 1	0	1
searchbnf configuration always puts an 'equal' after the suggestions In Splunk I have configured the searchbnf.conf to provide some helpful search hints inline while the person types SPL... by jschoenberg_spl Splunk Employee in Security 04-20-2020 0 0	0	0
How to verify splunk Enterprise Management port 8089 is indeed secured with own certificates Hi All, We want to enable ssl in our aws splunk Enterprise cluster on management port 8089 with own certs(provided by... by vtalanki Path Finder in Security 04-20-2020 0 13	0	13
How to troubleshoot why splunkd is not running after restarting Splunk? Hello , Splunk Web was working fine until I restarted it. After that, I found Splunkd is not running. Tried all possi... by bagarwal Path Finder in Security 04-18-2020 0 5	0	5
users can't access result of SPL HiI search exact same SPL, it run and return result with admin user, but doesn't return anything with normal user! Wo... by indeed_2000 Motivator in Security 04-18-2020 0 2	0	2