Security

Community Activity

How To restrict access to Activity-> Jobs view for app? I have a group of users with their own role and app, and I want to restrict access for the Activity-> Jobs view for t... by katzr Path Finder in Security 05-14-2020 0 1	0	1
Forward only WARN OR ERROR log lines to splunk Hi Team, Need your expert advise on how can I configure my logstash.conf file to forward only the ERROR OR WARN log ... by vivek991985 New Member in Security 05-13-2020 0 4	0	4
Get failed login attempts from curl authentication Hi I'm trying to get failed login from users who try to authenticate to Splunk using curl authentication, my command ... by marone Explorer in Security 05-13-2020 0 4	0	4
dynamic outputlookup file creation Hi, I have a dashboard and when the user enters certain parameters using that tokens a outputlookup file is created w... by surekhasplunk Communicator in Security 05-12-2020 0 0	0	0
Issue pushing config updates on SHC I am experiencing an issue when I have made updates to the apps on the deployer for a search head cluster and trying ... by jeffbat Path Finder in Security 05-12-2020 0 0	0	0
Receiving charset warning Hello, I got a warning: “UTF8Processor - Using charset UTF-16LE, as the monitor is believed over the raw text which ... by usenetim Loves-to-Learn Lots in Security 05-12-2020 0 0	0	0
How to configure certificate on port 8089? InfoSec requires us to use a cert signed by them. I got the cert signed and setup in web.conf (See below).. I had the... by skoelpin SplunkTrust in Security 05-11-2020 0 8	0	8
users using outside VPN access Can't access splunk Web GUI? Greetings!Why users using outside VPN access Can't access splunk Web GUI? Where to check and how to fix this issue?Th... by pacifikn Communicator in Security 05-08-2020 0 2	0	2
Palo Alto Globalprotect / VPN Dashboards? With everyone working remotely nowadays, does anyone want to share their content on what a good PAN Global Protect da... by TheSplunkDude Explorer in Security 05-07-2020 1 9	1	9
how to implement ssl in outputs.conf More than 70% of forwarding destinations have failed. Ensure your hosts and ports in outputs.conf are correct. Also e... by seandavisnocti New Member in Security 05-07-2020 0 2	0	2
Will vulnerabilities disappear if management port 8089 is disabled on universal forwarders? Getting these vulnerabilities on a my splunkforwarders all on port 8089. To resolve the certificate issue I have a pa... by basketballah21 Engager in Security 05-06-2020 0 1	0	1
Restrict index to only accept data from specific forwarder in multi tenant environment Is it possible to restrict indexes to accept data from specific forwarder/subnets in a multi tenant clustered environ... by jjmarks81 Engager in Security 05-06-2020 1 1	1	1
Cannot figure out SSL configuration beween Indexer and Forwarders (7.3.4) I have followed all of Splunk's documentation to be able to use certificates signed by a local Certificate Authority ... by ricotries Communicator in Security 05-06-2020 0 0	0	0
Help needed with the user/password logon Hello, I have really urgent issue:- We use LDAP authentication in our instance, it worked fine for quite long. Now, t... by damucka Builder in Security 05-06-2020 0 5	0	5
SAML signature validation: "unable to get local issuer certificate" with self-signed certificate If have configured SAML authentication on Splunk. This works correctly with our ADFS TEST environment. Now when I plu... by matthieuch New Member in Security 05-05-2020 0 4	0	4
Delete old SAML users on SHCluster Hi there, I try to delete old SAML users on a SHCluster with Splunk 7.1.4.I followed instructions here https://answer... by francoisternois Path Finder in Security 05-04-2020 0 0	0	0
Unable to login into splunk I don't know what is wrong by ohhhvictor Path Finder in Security 05-03-2020 0 7	0	7
App Admins cannot view sourcetypes through settings menu Splunk 8.0.2.1 We have deployed a search head cluster and are experiencing an issue where Admin users of a specific A... by jjmarks81 Engager in Security 05-01-2020 0 0	0	0
Detect /list Active VPN sessions Frm F5 VPN logs, i can easily determine the VPN duration by using transaction command. The working query for me is : ... by riqbal47010 Path Finder in Security 04-27-2020 0 3	0	3
Splunk API comparison to btool command I am using Splunk version 7.3.2. I am trying to find the runtime input configuration on a Splunk heavy forwarder usin... by rohitmaheshwari Explorer in Security 04-23-2020 0 4	0	4
How to delete a private orphaned search of a user? Hi, I created an alert for monitoring orphaned enabled searches . It is getting saved searches for private searches o... by nishantskhsbc Explorer in Security 04-23-2020 0 1	0	1
Removing stale pid file... Can't unlink pid file "/opt/splunk/var/run/splunk/splunkd.pid": Permission denied Hello, I think there is a permission issue after my Linux system admin changed access to a directory.Now my SH stoppe... by vnguyen46 Contributor in Security 04-22-2020 0 3	0	3
Splunk Web not accessible via https We had provided created certificates and provided all information in web.conf[settings]enableSplunkWebSSL = 1privKeyP... by abhijitnath89ax Loves-to-Learn in Security 04-22-2020 0 7	0	7
What is the configuration required to create a view-only role? I want to create a role where the user is not able to search Splunk. They should only be able to view dashboards that... by the_wolverine Champion in Security 04-21-2020 2 2	2	2
Securely restrict access to index Is there any way in Splunk to allow an app which creates an index be the only app that's allowed to change permission... by frenchy198588 New Member in Security 04-21-2020 0 1	0	1