Security

Community Activity

'Configure Splunk forwarding to use your own certificates' possible documentation error Hi, I'm trying to configure Splunk forwarders and indexers to use our own certificates and while checking the docume... by jorcabro Explorer in Security 10-22-2019 1 2	1	2
Specific Wineventlog (Security) ingestion into Splunk Hi Team, Currently we are ingesting all data from wineventlog Security, Application & System from all Windows Client... by anandhalagarasa Path Finder in Security 10-21-2019 1 2	1	2
Monitor Role Changes in _Audit Trail Audit:[timestamp=10-29-2017 15:55:70.674, user=bob@bob.com, action=edit_user, info=granted object="jerry@jerry.com" o... by lathwal Engager in Security 10-17-2019 4 2	4	2
SSO setup problems Hi all, we are trying to get SSO working through the SAML authentication method but are running into errors that we ... by srichansen Path Finder in Security 10-17-2019 0 3	0	3
Example of web uploads by a user to non-corporate sites use case? Does anyone have examples of how to use Splunk to check for high volume web uploads by a user to non-corporate domain... by adukes_splunk Splunk Employee in Security 10-16-2019 0 2	0	2
Detect installed Firefox extensions Hello, I wanted to reach out to the community to see how users are detecting Firefox extensions that users are insta... by santoshpaga New Member in Security 10-15-2019 0 0	0	0
Proxying issues Hi, I've installed Splunk Trial on my Windows 10 machine. I require to add a proxy server to access the internet on ... by abhsha Engager in Security 10-14-2019 0 6	0	6
Is there a way to clean up local.meta, since role deletion in Splunk is and has been extremely broken? I'm not sure if I trust my bash skills to go through and recursively sed all my very messy local.meta's from old role... by nick405060 Motivator in Security 10-13-2019 0 2	0	2
What are some role-level search restriction? Hello, Assuming I have a role created "myapp_admin_role" and there is a setting for User-level concurrent search job... by krusovice Path Finder in Security 10-09-2019 0 2	0	2
Issue while enabling sse-c on remote store I am enabling smart store on Splunk 7.2.6 with SSE-C. My smart store is working without SSL parameters successfully... by bsrikanthreddy5 Path Finder in Security 10-09-2019 0 1	0	1
Splunk setting roles Hi, I want to set role in Splunk such that user is restricted to only searching. NO admin privileges.. Manager>Role... by standias Explorer in Security 10-08-2019 0 2	0	2
Can Splunk audit logs be deleted by a user who has access to the Splunk server? Is it possible for a user who has access to the Splunk server delete audit logs in splunk? Auditors do not want our d... by doncrittendon Engager in Security 10-08-2019 1 1	1	1
How to configure User access based on index Hi, I want to set up various user roles to users in my splunk instances. Like Users from Group A should only have ac... by Gowthamdevaraj New Member in Security 10-08-2019 0 1	0	1
Disable SSL2, SSL3 and TLS1.0 globally Hi We have a clustered index setup (two indexers) on 7.1.1 and 3 search heads (unclustered). What is the recommended... by stevehut New Member in Security 10-08-2019 0 1	0	1
How do you build a search that gets a list of forwarders using SSL with successful connections? Can you help me make a search/query so I can get a list of forwarders using SSL with successful connections? by guheal New Member in Security 10-07-2019 0 3	0	3
cost of splunk Splunk Enterprise Certified Admin I have no course on splunk, and the company had me look up everything that i could from costs to time consumption to ... by rsaude Path Finder in Security 10-07-2019 0 7	0	7
How much RAM do I need to avoid I/O problems? I have noticed a correlation between RAM usage and I/O on my indexers. Whenever RAM usage goes around or above 50%, I... by gabriel_vasseur Contributor in Security 10-04-2019 0 6	0	6
Why am I getting the error "The request was aborted: Could not create SSL/TLS secure channel"? Dear Team, I am new to Splunk and trying to create one same for hitting the Splunk endpoint from the c# Code. I have... by adhakshinamoort New Member in Security 10-04-2019 0 3	0	3
Splunk web server external login I'm using VirtualBox as a Virtual machine with CentOS 7 on it. I have used a NAT-adapter with port forwarding and a H... by splunk_user_99 Explorer in Security 10-02-2019 0 1	0	1
OS and browser extraction from useragent Hi, I need to extract OS and browser details from useragent. Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1... by abhiram Explorer in Security 09-30-2019 2 4	2	4
Self-signed certificate without warnings? Has anybody figured out how to use a self-signed certificate without getting a warning that it's invalid? I can acces... by splunklearner12 Path Finder in Security 09-30-2019 0 3	0	3
SSL cert expired for 'https://mint.splunk.com' The ssl cert for 'https://mint.splunk.com' was expired on 26 September 2019 and the console seems no longer work. Whe... by rickyhe New Member in Security 09-30-2019 0 2	0	2
Restrict search term not working on a new created role inheriting the admin role Hi there, I have created an automatic lookup to separate events for different teams so that each events would be ass... by dashalfy New Member in Security 09-30-2019 0 0	0	0
Splunk GUI User Audit needed for LogIn and LogOut Hi, I have a need for auditing Splunk GUI Users for auditing. Our configuration is with LDAP and SSO. Therefore, _au... by mbasharat Builder in Security 09-29-2019 0 1	0	1
LDAP in Free version work? I have Free version Splunk. I have difficulty in setting LDAP authentication. I created the connection and the rights... by inhibitz New Member in Security 09-26-2019 0 4	0	4