Security

Start a Conversation

Discussions

Start a Conversation

Thread Info

'Configure Splunk forwarding to use your own certificates' possible documentation error

Hi, I'm trying to configure Splunk forwarders and indexers to use our own certificates and while checking the docu...

by Explorer in

Specific Wineventlog (Security) ingestion into Splunk

Hi Team, Currently we are ingesting all data from wineventlog Security, Application & System from all Windows Clie...

by Path Finder in

What is new Splunk admin password?

Hi - I just installed Splunk latest version 7.3.2. It went well, but from the website, I can't login with admin/chang...

by Contributor in

Monitor Role Changes in _Audit Trail

Audit:[timestamp=10-29-2017 15:55:70.674, user=bob@bob.com, action=edit_user, info=granted object="jerry@jerry.com" o...

by Engager in

SSO setup problems

Hi all, we are trying to get SSO working through the SAML authentication method but are running into errors that w...

by Path Finder in

Example of web uploads by a user to non-corporate sites use case?

Does anyone have examples of how to use Splunk to check for high volume web uploads by a user to non-corporate domain...

by Splunk Employee in

Detect installed Firefox extensions

Hello, I wanted to reach out to the community to see how users are detecting Firefox extensions that users are ins...

by New Member in

Proxying issues

Hi, I've installed Splunk Trial on my Windows 10 machine. I require to add a proxy server to access the internet o...

by Engager in

Is there a way to clean up local.meta, since role deletion in Splunk is and has been extremely broken?

I'm not sure if I trust my bash skills to go through and recursively sed all my very messy local.meta's from old role...

by Motivator in

What are some role-level search restriction?

Hello, Assuming I have a role created "myapp_admin_role" and there is a setting for User-level concurrent search j...

by Path Finder in

Issue while enabling sse-c on remote store

I am enabling smart store on Splunk 7.2.6 with SSE-C. My smart store is working without SSL parameters successfully. ...

by Path Finder in

Splunk setting roles

Hi, I want to set role in Splunk such that user is restricted to only searching. NO admin privileges.. Manager>...

by Explorer in

Can Splunk audit logs be deleted by a user who has access to the Splunk server?

Is it possible for a user who has access to the Splunk server delete audit logs in splunk? Auditors do not want our d...

by Engager in

How to configure User access based on index

Hi, I want to set up various user roles to users in my splunk instances. Like Users from Group A should only have ...

by New Member in

Disable SSL2, SSL3 and TLS1.0 globally

Hi We have a clustered index setup (two indexers) on 7.1.1 and 3 search heads (unclustered). What is the recommend...

by New Member in

How do you build a search that gets a list of forwarders using SSL with successful connections?

Can you help me make a search/query so I can get a list of forwarders using SSL with successful connections?

by New Member in

cost of splunk Splunk Enterprise Certified Admin

I have no course on splunk, and the company had me look up everything that i could from costs to time consumption to ...

by Path Finder in

How much RAM do I need to avoid I/O problems?

I have noticed a correlation between RAM usage and I/O on my indexers. Whenever RAM usage goes around or above 50%, I...

by Contributor in

Why am I getting the error "The request was aborted: Could not create SSL/TLS secure channel"?

Dear Team, I am new to Splunk and trying to create one same for hitting the Splunk endpoint from the c# Code. I ha...

by New Member in

Splunk web server external login

I'm using VirtualBox as a Virtual machine with CentOS 7 on it. I have used a NAT-adapter with port forwarding and a H...

by Engager in

Top Labels

access control 127
audit 63
authentication 161
encryption 62
LDAP 42
Linux 1
login 85
other 309
permissions 93
SAML 50
SSL 135
SSO 42

Get Updates on the Splunk Community!

Security

Discussions

'Configure Splunk forwarding to use your own certificates' possible documentation error

Specific Wineventlog (Security) ingestion into Splunk

What is new Splunk admin password?

Monitor Role Changes in _Audit Trail

SSO setup problems

Example of web uploads by a user to non-corporate sites use case?

Detect installed Firefox extensions

Proxying issues

Is there a way to clean up local.meta, since role deletion in Splunk is and has been extremely broken?

What are some role-level search restriction?

Issue while enabling sse-c on remote store

Splunk setting roles

Can Splunk audit logs be deleted by a user who has access to the Splunk server?

How to configure User access based on index

Disable SSL2, SSL3 and TLS1.0 globally

How do you build a search that gets a list of forwarders using SSL with successful connections?

cost of splunk Splunk Enterprise Certified Admin

How much RAM do I need to avoid I/O problems?

Why am I getting the error "The request was aborted: Could not create SSL/TLS secure channel"?

Splunk web server external login

Devesh Logendran, Splunk, and the Singapore Cyber Conquest

There's No Place Like Chrome and the Splunk Platform

Customer Experience | Join the Customer Advisory Board!

Learning about certificates in appsCA.pem

How to disable verification of audience restrictio...

How to run a search to determine whether an app ha...

How to Customize global banner color and font?

How to collect all security logs for Microsoft 365...