Security

Community Activity

Help in identifying the capabilities for REST search to fetch User/Role/App details Hi all, I have the below rest searches to fetch the User, Role and Application details, respectively. \| rest /servic... by harshal_chakran Builder in Security 05-14-2019 0 3	0	3
Licensing Error Product - Splunk Enterprise On the 'Search & Reporting' screen, I can see that there are events coming in. When I cl... by subhasishsarkar New Member in Security 05-13-2019 0 3	0	3
Why are users from an LDAP Authenticated group not showing up? We have created a group through our Active Directory team that contains ~6000 users. We have mapped this group throu... by vxb4892 Engager in Security 05-13-2019 0 7	0	7
seeking confirmation: there is no way to lockout the splunk admin account? assuming that I want to keep the Splunk admin account, using a very secure complex password, I believe that by design... by vincenp2 New Member in Security 05-10-2019 0 5	0	5
LDAP with more then 1000 groups Hi, I have a problem with a LDAP configuration I know there is a limit by 1000 users so I have change the following ... by michel_wolf Path Finder in Security 05-09-2019 1 3	1	3
List each user and their assigned roles and indexes assigned by roles We have about 1000+ users in our Splunk environment and we are getting ready for an audit. Specifically, we are revie... by brdr Contributor in Security 05-09-2019 0 3	0	3
how do i delete LDAP users permanently from splunk users list Hi, My splunk app is configured with LDAP authentication method and there is a bunch of users who left and they need... by splunkgk Path Finder in Security 05-08-2019 0 3	0	3
Query to find failed logins by domain admins I was using the below search query to find the failed logins by domain admins however i was asked not to use lookup f... by swamysanjanaput Explorer in Security 05-08-2019 0 1	0	1
How does Native Splunk Authentication work? Hello, As the question title suggests, I am looking for any technical documentation that concerns the Native Splunk A... by andrewtrobec Motivator in Security 05-07-2019 0 2	0	2
Facing Issues To Run A Report On User Access Hi Experts, I have admin permission to login into the splunk. So whenever I run a report, it's taking hardly 2 secon... by saibal6 Path Finder in Security 05-07-2019 0 2	0	2
ERROR PasswordHandler - Decrypted password from stanza=credential::127.0.0.1\\Administrator: is not utf8, skipping When attempting to SendAlert to trigger action from our Malwarebytes Splunk App. I receive the following Error in Sp... by ialislam New Member in Security 05-06-2019 0 2	0	2
ImportError: No module named splunklib.searchcommands Hi all, I'm working with app "misp42splunk" which can be used to extract information from the MISP instance. The n... by bugnet Path Finder in Security 05-05-2019 1 0	1	0
How do I get Monitoring for JSON log files in docker host volume mount directories with Splunk Universal Forwarder working? Getting permission issues I'm working with Splunk Universal Forwarder 6.5.2 and am trying to configure a monitor on the docker volumes director... by shodudley New Member in Security 05-02-2019 0 0	0	0
Read only user - remove setting HI I want to create a 100% read only user, how do i remove the setting. I hvae tried to remove the "list setting". B... by robertlynch2020 Influencer in Security 05-02-2019 0 0	0	0
How to create an API Splunk app with Splunk Add on Builder using certificate based authentication? Hello, I am trying to build and add on using the Splunk builder app to make API calls but using certificates for aut... by adetokunbowahab New Member in Security 05-02-2019 0 0	0	0
The 'NotBefore' condition could not be verified successfully. The SAML response is not valid The 'NotBefore' condition could not be verified successfully. The SAML response is not valid My IDP provider is ADFS. by khusain_splunk Splunk Employee in Security 04-30-2019 0 1	0	1
Some troubles when add host to SHC Hi, guys. I've Splunk Search Head cluster and I want add new member to this cluster. I use documentation from https:... by GenRockeR Explorer in Security 04-30-2019 0 2	0	2
how to set proxy for SplunkJS on IIS Server I am able to setup proxy on NGINX as per the instructions on http://dev.splunk.com/view/javascript-sdk/SP-CAAAEWQ. Ho... by AshChakor Path Finder in Security 04-29-2019 0 1	0	1
Role with R/W access to app cannot change knowledge object permissions Hello, I'm trying to do something very simple. I am trying to give a role the ability to edit the permissions of kno... by jtjxa New Member in Security 04-29-2019 0 0	0	0
How to audit security logs to find password compromises? We audit the security logs looking for password compromises. A user will put the password in as the username and res... by thomasbchurch New Member in Security 04-29-2019 0 5	0	5
Use LDAP only for Authentication and Splunk internal roles for role management Hi Team, Wanted to check if any of you have used LDAP only for Authentication and then handled the roles using splun... by newbie2tech Communicator in Security 04-26-2019 0 5	0	5
How to configure LDAP authentication using SmartCard? Hi! So I managed to configure LDAP authentication for the search head, but what if I want to make a user connect thr... by agentsofshield Path Finder in Security 04-25-2019 1 1	1	1
Splunkweb Certificate issue Hi Splunkers, we are using clustered enviornment, we having 3 SH .We have notified by infra team that one of our se... by rohitvjoshi Path Finder in Security 04-24-2019 0 2	0	2
Why does the browser show "splunk https site not secure"? Hi, I have checked many answers and done some changes but I continue to receive site not secure screen first time wh... by Sukisen1981 Champion in Security 04-24-2019 1 8	1	8
Configuring Splunk SSL for forwarder/indexer communication Hey Splunkers, This maybe less of a question and more of a comment. The "Configure Splunk forwarding to use signed c... by liquidclay23 Explorer in Security 04-19-2019 1 1	1	1