Security

Community Activity

count of events in dynamic time defined by token Hi can anybody help with this problem, please? source1: lookup Tab (lookup.csv) att1 att2 att3 F1 1100 12.09.2024 F... by spisiakmi Contributor in Security 09-19-2024 0 4	0	4
Incident Review kv store /lookup migration We have two separate splunk instances with ES (standalone not clustered) . Consider it as a HO DR when i try to move ... by arunkuriakose Explorer in Security 09-18-2024 0 1	0	1
What is new Splunk admin password? Hi - I just installed Splunk latest version 7.3.2. It went well, but from the website, I can't login with admin/chang... by vnguyen46 Contributor in Security 09-14-2024 0 4	0	4
AI Assistant Security How does Splunk AI assistant keep customer data confidential? by gpinedo Splunk Employee in Security 09-12-2024 0 2	0	2
SAML and logs flooded with warnings: AQR and authentication extensions not supported. Or authentication extensions is su We have enabled Microsoft SAML for Splunk and out splunkd.log seems to be flooded with warnings like this:WARN UserMa... by jmartens Path Finder in Security 09-09-2024 0 8	0	8
LDAP Configuration JSON Error After creating a new LDAP strategy and entering all required information I get an error when saving.Entry not saved, ... by tringener Explorer in Security 09-03-2024 0 2	0	2
Log latency Hi Team, We could see latency in logsLog ingestion via - syslog Network devices --> Syslog server --> splunk Using be... by VijaySrrie Builder in Security 08-28-2024 0 2	0	2
Changing permissions for multiple eventtypes I have been using Splunk for a few months, and now have a number of eventtypes defined. However, they've all got priv... by hmallett Path Finder in Security 08-22-2024 2 3	2	3
Easy question.. how do I get just the HTTP response from this log? Hi! The log in question reads as:HTTP/1.1" 200 365 3in our splunk, we don't have a "HTTP status" field to pivot off o... by tengugurl1 Engager in Security 08-21-2024 0 1	0	1
Full list of security reports - compliance and operations Hi there!I'm looking for a comprehensive list of report ideas for all of security, including management/metrics, oper... by dbroggy Path Finder in Security 08-20-2024 0 1	0	1
Windows performance -Velocity SD Service Counters logs Hello I have some issue getting the Windows performance -Velocity SD Service Counters logs. I used[perform://Velocity... by SplunkDash Motivator in Security 08-19-2024 0 0	0	0
Search query for consecutive events Dear Splunkers, I would like ask your advice in order to complete following search result. My table checks for consec... by Stives Explorer in Security 08-18-2024 0 4	0	4
Extract Epoch Time as readable time format using props.conf Hello, I have events with epoch time. How can I extract epoch time in human readable format using props.conf. My prop... by SplunkDash Motivator in Security 08-17-2024 0 1	0	1
Unable to access Splunk Cloud access login failed error message Hello team, my Splunk cloud free instance has been locked out can you help me reset my password. thank you. by sapatil New Member in Security 08-15-2024 0 3	0	3
correlation searches Peace be upon you. I am now running correlation searches and I do not have data to fully test them. I want to activat... by tuts Path Finder in Security 08-11-2024 0 1	0	1
What permission / capability do I need to create KV store collection? Hi all, when the user tries to create a KV store collection through Lookup Editor, he got the error You do not have p... by Motoko89 Path Finder in Security 08-08-2024 1 5	1	5
Applying Certificates to Secure Port 8000 (web.conf) and 8089 (server.conf) in v8.2*- Solution I had so much trouble with this but figured I would share what I did to make it work for me. You may have other ways ... by amt Explorer in Security 08-07-2024 0 4	0	4
Accessing apps in 6.4.x results in "Error connecting: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed" After moving to Splunk 6.4.x, the following error can occur in the UI when navigating to: Apps —> Browse more apps ... by arowsell_splunk Splunk Employee in Security 08-06-2024 1 10	1	10
debug/refresh for authorize.conf capabilities Hello,Is /debug/refresh enough to reload role capabilities for authorize.conf?Thanks. Splunk entreprise v9 by splunkreal Motivator in Security 08-05-2024 0 3	0	3
PCI and PAN TeamI just was able to create a search in Splunk to detect Credit Card numbers. PCI was also onboarded into our new S... by tjbacchus New Member in Security 08-02-2024 0 2	0	2
Newly added monitor only ingests some of the data SO the other day, I was asked to ingest some data for jenkins, and Splunk has seemed to only ingest some of that data... by Abass42 Communicator in Security 07-31-2024 0 5	0	5
UserQuery Option for Splunk Dashboard Hey, I am doing Predictive Maintenance using LLM's and I want to use Splunk to build dashboard. There I am going to i... by syaganti Loves-to-Learn Everything in Security 07-31-2024 0 6	0	6
analyze this data in Splunk Scenario: The device has been compromised, and we want to understand how the breach occurred. We have extracted data ... by tuts Path Finder in Security 07-31-2024 0 4	0	4
Use SSO and reverse proxy to skip the login page I want to use SSO and reverse proxy to skip the login page and go directly to the service app page.I found several re... by Hamsu Loves-to-Learn Lots in Security 07-30-2024 0 0	0	0
Integrating LLM's into Splunk Dashboard I finetuned LLM and I want to integrate that with Splunk. In Splunk Dashboard, I am going to include Question/Answeri... by syaganti Loves-to-Learn Everything in Security 07-30-2024 0 0	0	0