Security

Community Activity

Newly added monitor only ingests some of the data SO the other day, I was asked to ingest some data for jenkins, and Splunk has seemed to only ingest some of that data... by Abass42 Communicator in Security 07-31-2024 0 5	0	5
UserQuery Option for Splunk Dashboard Hey, I am doing Predictive Maintenance using LLM's and I want to use Splunk to build dashboard. There I am going to i... by syaganti Loves-to-Learn Everything in Security 07-31-2024 0 6	0	6
analyze this data in Splunk Scenario: The device has been compromised, and we want to understand how the breach occurred. We have extracted data ... by tuts Path Finder in Security 07-31-2024 0 4	0	4
Use SSO and reverse proxy to skip the login page I want to use SSO and reverse proxy to skip the login page and go directly to the service app page.I found several re... by Hamsu Loves-to-Learn Lots in Security 07-30-2024 0 0	0	0
Integrating LLM's into Splunk Dashboard I finetuned LLM and I want to integrate that with Splunk. In Splunk Dashboard, I am going to include Question/Answeri... by syaganti Loves-to-Learn Everything in Security 07-30-2024 0 0	0	0
Enrich ES webhook event trigger alert with annotation Hi there, now I'm trying some of escu's built-in rules and sending them as notable alerts and via msteams webhooks. H... by elend Communicator in Security 07-30-2024 0 0	0	0
AI integration with Splunk- How can I encapsulate the token value example: '$SourceCode_Tok$' ? Hello, I am working on a project to integrate Splunk with a LLM model. I have created an app that search vulnerabili... by Marino25 Observer in Security 07-30-2024 0 1	0	1
How to Reset the Admin password? I just realized that I lost the Admin password and I need a way to access the system, with my Admin credentials. by Lionel Splunk Employee in Security 07-23-2024 47 40	47	40
Webhook - Pass certificate for webservice Hello, I invoke the rest webservice from Alert webhook which works fine for unsecured webservice calls. But it fails ... by senthilkumar76 Engager in Security 07-23-2024 0 1	0	1
How can I create alerts based on this app data received using API How can I create alerts based on this app data received using API? How this app https://splunkbase.splunk.com/app/696... by aruncp333 Explorer in Security 07-22-2024 0 1	0	1
Does anyone know how to programmatically create SAML group to Splunk Role mappings in Splunk 9.2? I have an outside SAML system (Okta) which we are using to login to our Splunk system and we are defining indexes for... by BlueSocket Contributor in Security 07-19-2024 0 1	0	1
Vulnerability in compression algorithm Hi all!We deployed Splunk Cluster on OEL 8. The latest version is currently installed - 9.2.2. The vulnerability scan... by Zhanali Path Finder in Security 07-18-2024 0 3	0	3
Splunkd services are not starting on boot-start Hi All,Hope this message finds you well.I have installed splunk on-prem on a linux box as a splunk user and have give... by man03359 Communicator in Security 07-18-2024 0 3	0	3
SPLUNK not starting after certificate renewal Hello, I am running SPLUNK 9.1.2 on Linux and ever since I installed a new internal certificate, I am not able to run... by Orange_girl Loves-to-Learn Everything in Security 07-17-2024 0 2	0	2
dedicated threat intel feed Hi there, I'd like to have a dedicated threat intel feed which goes to a custom created lookup (non-default), is that... by heskez Engager in Security 07-16-2024 0 1	0	1
Splunk issue report: Error in security domain settings in correlation searches and Incident Review page While using Splunk ES, we noticed that correlation searches were setTo an incorrect security field on the Incident Re... by tuts Path Finder in Security 07-14-2024 0 10	0	10
Which capabilities has a user used? Trying to create a search that will show which capabilities a user has used within the last year. by Moldy Engager in Security 07-12-2024 0 2	0	2
Required permission for linux user owner of Splunk software Hi Guys, we have a doubt reagarding the user that execute Splunk on a linux environment.Until now, we have always avo... by SplunkExplorer Contributor in Security 07-12-2024 0 2	0	2
Disable user account temporary I would like to disable some local accounts temporary. I cannot find disable or suspend button in access controls set... by karn Path Finder in Security 07-12-2024 0 3	0	3
CVE-2024-5535 - Openssl 1.0.2zj Vunerability Hey ,Just heard about CVE-2024-5535 on splunkforwarder agent 9.0.9 for Openssl 1.0.2zj , Is this a real one ? Do we n... by AkhilSreek New Member in Security 07-11-2024 0 1	0	1
Field Extraction with CSV File Hello.I have some issues with field parsing for the CSV files using props configuration. I should be getting 11 field... by SplunkDash Motivator in Security 07-11-2024 0 6	0	6
What permissions do I need to give a user on the master node to view the monitoring console? What capabilities I need to give to particular user on master node in order to view monitoring console? Right now I ... by nabhosal New Member in Security 07-10-2024 0 9	0	9
windows ta addon not extracting action I am having issues with action extraction on my windows addon . for example the eventcode 4624 should have an action ... by Chiranjeev Explorer in Security 07-08-2024 0 6	0	6
SHC with SAML authentication - role update on existing group does not apply Hello, I have a Search Head Cluster configured with SAML authentication (ADFS)... For an existing SAML group (alrea... by sylbaea Communicator in Security 07-08-2024 0 17	0	17
Security Domain Why is it that every time I set the event under (Security Domain=NETWORK) from the Content Management page, the value... by tuts Path Finder in Security 07-08-2024 0 0	0	0