Security

Community Activity

Tenable add-on for splunk - Unable to create/update account settings After i updated tha add-on to 6.3.x I am not able to create or update account setting under account type Tenable.sc c... by rupert Engager in Security 09-26-2024 0 2	0	2
Why is OPENSSL vulnerability still showing in latest release? Greetings, We started seeing OPSNSSL vulnerabilities on all of our Splunk forwarders and the main engine this week. T... by tsondo Explorer in Security 09-26-2024 0 23	0	23
How to make real IP user showing while using LB in shcluster instead of only 1 IP from LB or AD in Audittrail log? Hi, this is my 1st post, I'm a newbie splunkers.I have a case from my clients so, the splunk is running with LB follo... by scr1biddies Loves-to-Learn Lots in Security 09-26-2024 0 8	0	8
regular expression Hi I want to extract highlighted partSep 24 10:43:25 10.82.10.245 [S=217] [BID=d57afa:30] RAISE-ALARM:acProxyConnecti... by Siddharthnegi Contributor in Security 09-24-2024 0 2	0	2
Attack Range Local (ubuntu 22.04) I'm trying to build a Local Attack Range but it fails when it tries to restart the splunk.service. The Splunk instanc... by ejohns Loves-to-Learn in Security 09-23-2024 0 3	0	3
count of events in dynamic time defined by token Hi can anybody help with this problem, please? source1: lookup Tab (lookup.csv) att1 att2 att3 F1 1100 12.09.2024 F... by spisiakmi Contributor in Security 09-19-2024 0 4	0	4
Incident Review kv store /lookup migration We have two separate splunk instances with ES (standalone not clustered) . Consider it as a HO DR when i try to move ... by arunkuriakose Explorer in Security 09-18-2024 0 1	0	1
What is new Splunk admin password? Hi - I just installed Splunk latest version 7.3.2. It went well, but from the website, I can't login with admin/chang... by vnguyen46 Contributor in Security 09-14-2024 0 4	0	4
AI Assistant Security How does Splunk AI assistant keep customer data confidential? by gpinedo Splunk Employee in Security 09-12-2024 0 2	0	2
SAML and logs flooded with warnings: AQR and authentication extensions not supported. Or authentication extensions is su We have enabled Microsoft SAML for Splunk and out splunkd.log seems to be flooded with warnings like this:WARN UserMa... by jmartens Path Finder in Security 09-09-2024 0 8	0	8
LDAP Configuration JSON Error After creating a new LDAP strategy and entering all required information I get an error when saving.Entry not saved, ... by tringener Explorer in Security 09-03-2024 0 2	0	2
Log latency Hi Team, We could see latency in logsLog ingestion via - syslog Network devices --> Syslog server --> splunk Using be... by VijaySrrie Builder in Security 08-28-2024 0 2	0	2
Changing permissions for multiple eventtypes I have been using Splunk for a few months, and now have a number of eventtypes defined. However, they've all got priv... by hmallett Path Finder in Security 08-22-2024 2 3	2	3
Easy question.. how do I get just the HTTP response from this log? Hi! The log in question reads as:HTTP/1.1" 200 365 3in our splunk, we don't have a "HTTP status" field to pivot off o... by tengugurl1 Engager in Security 08-21-2024 0 1	0	1
Full list of security reports - compliance and operations Hi there!I'm looking for a comprehensive list of report ideas for all of security, including management/metrics, oper... by dbroggy Path Finder in Security 08-20-2024 0 1	0	1
Windows performance -Velocity SD Service Counters logs Hello I have some issue getting the Windows performance -Velocity SD Service Counters logs. I used[perform://Velocity... by SplunkDash Motivator in Security 08-19-2024 0 0	0	0
Search query for consecutive events Dear Splunkers, I would like ask your advice in order to complete following search result. My table checks for consec... by Stives Explorer in Security 08-18-2024 0 4	0	4
Extract Epoch Time as readable time format using props.conf Hello, I have events with epoch time. How can I extract epoch time in human readable format using props.conf. My prop... by SplunkDash Motivator in Security 08-17-2024 0 1	0	1
Unable to access Splunk Cloud access login failed error message Hello team, my Splunk cloud free instance has been locked out can you help me reset my password. thank you. by sapatil New Member in Security 08-15-2024 0 3	0	3
correlation searches Peace be upon you. I am now running correlation searches and I do not have data to fully test them. I want to activat... by tuts Path Finder in Security 08-11-2024 0 1	0	1
What permission / capability do I need to create KV store collection? Hi all, when the user tries to create a KV store collection through Lookup Editor, he got the error You do not have p... by Motoko89 Path Finder in Security 08-08-2024 1 5	1	5
Applying Certificates to Secure Port 8000 (web.conf) and 8089 (server.conf) in v8.2*- Solution I had so much trouble with this but figured I would share what I did to make it work for me. You may have other ways ... by amt Explorer in Security 08-07-2024 0 4	0	4
Accessing apps in 6.4.x results in "Error connecting: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed" After moving to Splunk 6.4.x, the following error can occur in the UI when navigating to: Apps —> Browse more apps ... by arowsell_splunk Splunk Employee in Security 08-06-2024 1 10	1	10
debug/refresh for authorize.conf capabilities Hello,Is /debug/refresh enough to reload role capabilities for authorize.conf?Thanks. Splunk entreprise v9 by splunkreal Motivator in Security 08-05-2024 0 3	0	3
PCI and PAN TeamI just was able to create a search in Splunk to detect Credit Card numbers. PCI was also onboarded into our new S... by tjbacchus New Member in Security 08-02-2024 0 2	0	2