Security

Community Activity

Unable to authenticate with LDAP I have connected my Splunk instance (on Linux) to LDAP and I get a successful bind. Additionally, I can map groups an... by jlkokko Path Finder in Security 08-15-2019 0 12	0	12
LDAP Configuration is asking for attributes 1.1 - failing Hello I'm trying to configure Splunk 7.3.0 (657388c7a488) with LDAP authentication but it keeps failing during the se... by cam343 Path Finder in Security 08-15-2019 0 3	0	3
Log Event Alert Action not visible when creating alert Hi All, I am creating an alert in an app which I have made using the add-on builder, my app name starts with SA-. As... by dsofoulis Path Finder in Security 08-15-2019 0 1	0	1
ERROR WIth ProcessDispatchedSearch - PROCESS_SEARCH "XXX": The process cannot access the file because it is being used by another process. Hello All We are having a very hard time to clear the type of error in our Splunkd logs . We are having this issue... by GSK Explorer in Security 08-14-2019 1 2	1	2
Password Reset Command for Splunk Can somebody show me a Splunk command on how to find a number of password resets and how I can display the total numb... by keldridg2 New Member in Security 08-14-2019 0 13	0	13
how to handle ERROR ArchiveContext , Decompression error Hello Splunkers , Good day I am stuck with one problem where i am monitoring .gz files using UF and getting the da... by kannu Communicator in Security 08-14-2019 0 0	0	0
Default Power User Capabilities Can a default Power User view/check licenses. by jtnormand New Member in Security 08-13-2019 0 1	0	1
power user exam 2 i have seen online where people are saying that the power user exam is a open book, is this a true statement? by francright29 New Member in Security 08-13-2019 0 2	0	2
user by which splunk is installed on windows os I have splunk installed on windows os in production environment and I want to know by which user splunk is installed ... by ips_mandar Builder in Security 08-13-2019 0 2	0	2
How is a splunkworks add on supported by splunk A number of add on's have been placed in the public domain to allow users to own and control their development. How w... by nclancy_splunk Splunk Employee in Security 08-13-2019 1 1	1	1
Splunk and CSP functions I'm running nginx with the below security config. add_header X-Frame-Options "SAMEORIGIN" always; add_header X-XSS-P... by tb5821 Communicator in Security 08-12-2019 0 1	0	1
How do I pass credential in custom search command My custom search command required some credentials to work (third party lib auth) and I don't want to have it hardcod... by mhurtovy New Member in Security 08-12-2019 0 1	0	1
Geographically improbable Access Using iplocation Hi everybody, I was reading https://answers.splunk.com/answers/560188/logic-behind-geographically-improbable-access-... by JRamirezEnosys Explorer in Security 08-08-2019 0 2	0	2
LDAP - shcluster/apps - authorize.conf not showing up in the UI In a clustered environment roles defined and mapped for LDAP authentication configured in Deployer (shcluster/apps) a... by ppilla Engager in Security 08-08-2019 0 3	0	3
How to mask passwords from suricata json.eve Hi all, I would like to hide password at payload_printable field in event log from suricata json.eve. {"timestamp":... by thund_ssi Explorer in Security 08-07-2019 0 2	0	2
search time regular expression. Hi All , below is my sample data. We are receiving data using key=value pairs like below. time=time1 \| dest_ip=abmn... by jsuryaprakash Path Finder in Security 08-07-2019 0 3	0	3
Need help making a swimlane for All Privileged Authentication Attempts I'm trying to make a Swimlane search to use the Authentication Datamodel, and the Privileged Authentication Dataset, ... by MikeVenable Path Finder in Security 08-06-2019 0 6	0	6
Splunk Docker container error "cannot create /opt/container_artifact/splunk-container.state: Permission denied"? I had been successfully using a custom Dockerfile to create a Docker container based on the Splunk-provided Docker im... by Graham_Hanningt Builder in Security 08-06-2019 0 1	0	1
Splunk Power Users Role -- Edit all Saves Reports and Alerts We have hundreds and hundreds of saved searches and dozens of Alerts. I need the power user role to be able to edit a... by TobiasBoone Communicator in Security 08-05-2019 0 3	0	3
Grant Power Users Role Edit on All Saves Searches / Alerts We have hundreds of saved searches/reports/alerts. I need the power users role to be able to edit and maintain them,... by TobiasBoone Communicator in Security 08-05-2019 0 1	0	1
allow user to run search contained in lookup I have created a lookup. fairly basic 2 columns, column 1 has an ID the second a search string. ID searchstr... by dmcintosh1972 Explorer in Security 08-04-2019 0 3	0	3
Splunk Enterprise - Demo System Error Hello, I installed the Splunk Enterprise Demo System on my local machine, However, once I click on Splunk Icon on m... by lokeshtibbani New Member in Security 08-04-2019 0 0	0	0
Onprem SplunkWeb Successfully Using Internal CA Issued SSL Cert but Site Displays Certificate is "Not Secure" We have On Prem Splunk Deployment and Heavy Forwarder Servers We have a requirement to use third party SSL Certificat... by cbwillh Path Finder in Security 08-02-2019 0 1	0	1
Splunk Rest Request using browser - Unauthorized because of Origin header "services/search/jobs/" Splunk endpoint is replying “Unauthorized” (HTTP 401) due to the presence of the “Origin”/”Re... by mibrahim8 Explorer in Security 08-02-2019 0 1	0	1
Which default certificate should I use to certify my HTTP Event Collector I am running some C# code that sends a POST request to my Splunk HTTP Event Collector at the following URL - https://... by llovell Engager in Security 08-01-2019 1 3	1	3