Security

Community Activity

LDAP - shcluster/apps - authorize.conf not showing up in the UI In a clustered environment roles defined and mapped for LDAP authentication configured in Deployer (shcluster/apps) a... by ppilla Engager in Security 08-08-2019 0 3	0	3
How to mask passwords from suricata json.eve Hi all, I would like to hide password at payload_printable field in event log from suricata json.eve. {"timestamp":... by thund_ssi Explorer in Security 08-07-2019 0 2	0	2
search time regular expression. Hi All , below is my sample data. We are receiving data using key=value pairs like below. time=time1 \| dest_ip=abmn... by jsuryaprakash Path Finder in Security 08-07-2019 0 3	0	3
Need help making a swimlane for All Privileged Authentication Attempts I'm trying to make a Swimlane search to use the Authentication Datamodel, and the Privileged Authentication Dataset, ... by MikeVenable Path Finder in Security 08-06-2019 0 6	0	6
Splunk Docker container error "cannot create /opt/container_artifact/splunk-container.state: Permission denied"? I had been successfully using a custom Dockerfile to create a Docker container based on the Splunk-provided Docker im... by Graham_Hanningt Builder in Security 08-06-2019 0 1	0	1
Splunk Power Users Role -- Edit all Saves Reports and Alerts We have hundreds and hundreds of saved searches and dozens of Alerts. I need the power user role to be able to edit a... by TobiasBoone Communicator in Security 08-05-2019 0 3	0	3
Grant Power Users Role Edit on All Saves Searches / Alerts We have hundreds of saved searches/reports/alerts. I need the power users role to be able to edit and maintain them,... by TobiasBoone Communicator in Security 08-05-2019 0 1	0	1
allow user to run search contained in lookup I have created a lookup. fairly basic 2 columns, column 1 has an ID the second a search string. ID searchstr... by dmcintosh1972 Explorer in Security 08-04-2019 0 3	0	3
Splunk Enterprise - Demo System Error Hello, I installed the Splunk Enterprise Demo System on my local machine, However, once I click on Splunk Icon on m... by lokeshtibbani New Member in Security 08-04-2019 0 0	0	0
Onprem SplunkWeb Successfully Using Internal CA Issued SSL Cert but Site Displays Certificate is "Not Secure" We have On Prem Splunk Deployment and Heavy Forwarder Servers We have a requirement to use third party SSL Certificat... by cbwillh Path Finder in Security 08-02-2019 0 1	0	1
Splunk Rest Request using browser - Unauthorized because of Origin header "services/search/jobs/" Splunk endpoint is replying “Unauthorized” (HTTP 401) due to the presence of the “Origin”/”Re... by mibrahim8 Explorer in Security 08-02-2019 0 1	0	1
Which default certificate should I use to certify my HTTP Event Collector I am running some C# code that sends a POST request to my Splunk HTTP Event Collector at the following URL - https://... by llovell Engager in Security 08-01-2019 1 3	1	3
anyone else have an error when upgrading from ES 5.30 to 5.31 fails on sa-utils testing out the july 24 2019 release of Enterprise Security. Consistently fails on enabling the application (Fails on... by ssattler Path Finder in Security 08-01-2019 0 0	0	0
Multiple LDAP group User part Hello All, If one user is part of multiple LDAP groups which are linked in Splunk. Which one will he assigned to? ... by vishaltaneja070 Motivator in Security 08-01-2019 0 1	0	1
Server Error on Login from a remote machine HI, I have a splunk enterprise out of box installed on win 10. I can login using localhost no problem, but if I try t... by luigius New Member in Security 07-31-2019 0 4	0	4
Getting Error as 'TsidxStats': WHERE clause is not an exact query in Cisco Networks App I am facing Error in 'TsidxStats': WHERE clause is not an exact query on Cisco Network Networks App. by singriajay Explorer in Security 07-31-2019 0 0	0	0
KV Store Errors - W2K12 Hello All, I have searched for a fix for these KVstore errors: Failed to start KV Store process. See mongod.log and... by eholz1 Builder in Security 07-30-2019 0 0	0	0
LDAP configuration issue I am trying to set-up LDAP authentication. But not able to proceed with below error when adding new LDAP strategy. In... by nareshinsvu Builder in Security 07-29-2019 0 9	0	9
Splunk as a SIEM Best Practices for Security Professionals Just curious if there is any documentation to help understand the best practices to use Splunk Enterprise as a SIEM f... by aking76 Path Finder in Security 07-29-2019 1 4	1	4
What are the default ciphers used for supportSSLV3Only=true If I do not specify a cipherSuite entry explicitly what is used? For example, is it equivalent to 'SSLv3:!aNULL:!eNU... by ashrafmr Engager in Security 07-29-2019 0 3	0	3
Splunk capabilities rol Hello Splunkers! i have a question, i am unable to search on splunk web that's because accidentaly deleted some capa... by julian0125 Explorer in Security 07-26-2019 0 2	0	2
Splunk Web access via F5 Proxy Hello all, I was trying to get our splunk instance from an address defined on F5. Simply, we'd love to have access f... by gbedsaul1 New Member in Security 07-26-2019 0 1	0	1
Splunk first time login failing Installed Splunk Enterprise on Azure, unable to login admin/changeme. help please by msunckfree New Member in Security 07-26-2019 0 1	0	1
Cert issue with TA-Illumio When configuring the Illumio TA it is failing to communicate to my Illumio server and errors about the certificate on... by gregorytd New Member in Security 07-26-2019 0 9	0	9
SAML User deletion from Search Head Cluster How do I delete SAML users from Search Head Cluster? I tried removing from stand-alone Search Head(Dev environment) ... by ssharma09 Explorer in Security 07-26-2019 0 2	0	2