Security

Community Activity

How to find KOs owned by inactive users? pls whats the better way to create a search query for identifying knowledge object from inactive users and cleaning i... by whitecat001 Explorer in Security 05-03-2024 0 2	0	2
Field Extraction from Indexed field Hi All,I am trying to extract a value from the indexed field. i.e from source field . I have added the regex in props... by Poojitha Communicator in Security 05-03-2024 0 3	0	3
Deployment Server - Changes not pushed even though there is successful phonehome connection Hi All,I have setup new deployment server and new heavy forwarder. There is successful phonehome connection when I ch... by Poojitha Communicator in Security 05-02-2024 0 3	0	3
SOAR with Splunk Enterprise. Hello, I want to use SOAR with Splunk Enterprise. The two work together so that I do not buy Splunk ES. Therefore, I ... by tuts Path Finder in Security 04-30-2024 0 2	0	2
Name change - urgent I really need splunk to update my name. I have raised ticket twice and both time I was told 'it's not their job and p... by roywan New Member in Security 04-29-2024 0 2	0	2
Cannot determine this apps python compatibility: Mission Control Tje splunk readiness app, cannot determine if Mission Control app is python compatible by heres Observer in Security 04-29-2024 0 1	0	1
How to normalise the fields via OCSF Has anyone implemented OCSF model in your Splunk security practise. Got a rough idea in this and about to start the a... by NAGA4 Engager in Security 04-29-2024 0 1	0	1
"View on Mobile" button automatically creates Authentication Token? Hi fellow Splunkers,i recently came across an authentication Token created by splunk-system-user and i had no clue wh... by TheEggi98 Path Finder in Security 04-26-2024 1 1	1	1
Using relaystat with SAML Hi allI have a question about using relaystate with SAML when using Azure Ad B2C as the Idpwe successfully managed to... by aamer86 Path Finder in Security 04-23-2024 0 0	0	0
How to convert Millsec to Seconds Hi Team How to convert millsec value to seconds index=testing \| timechart max("event.Properties.duration") Can anyo... by jaibalaraman Path Finder in Security 04-22-2024 0 5	0	5
How to creaate Splunk authentication with CAC / Smart Card and LDAP for Authorization? Hello, We are using Splunk with CAC / Smart Card authentication and want to add to our configuration the ability to m... by jramnanitandem Explorer in Security 04-16-2024 0 10	0	10
Need to Change the Max Lines from 5 to 20 Hi Team,Our Splunk Search heads are hosted in Cloud and managed by Support and currently we are running with the late... by anandhalagaras1 Contributor in Security 04-16-2024 0 4	0	4
Data Masking Before Ingestion Hi Team,Want to mask two of the fields "password" and "cpassword" from the events which are getting written with the ... by anandhalagaras1 Contributor in Security 04-15-2024 0 8	0	8
Splunk web to work on https Hello Splunkers!!I want to work Splunk on https. I am using windows server.How to generate certificate in Splunk and ... by uagraw01 Motivator in Security 04-12-2024 0 4	0	4
New "role" cannot be added to any users due to "is not grantable"; how to make roles "grantable"? I am adding a new role to allow analysts to access the Monitoring Console. I believe that the minimum set of capabili... by woodcock Esteemed Legend in Security 04-12-2024 1 8	1	8
Why is assets_by_cidr.csv lookup file empty? As I was going through the Asset and Identity Management manual, I couldn't see anything related to how to enrich the... by EssKay Engager in Security 04-11-2024 0 1	0	1
How to troubleshoot why we are unable to log in to Splunk Web? We are not able to log in to Splunk Web. We are able to log in on Box putty with the same username and password, but ... by sahils New Member in Security 04-10-2024 0 6	0	6
Port Documentation We have a standalone install which has to follow specific guidance and documentation. Without getting much into thing... by dcsteve24 Explorer in Security 04-05-2024 0 2	0	2
Removal of the confidential data Hello Splunkers!!Below are the sample events I have in which I want to mask UserID field and Password field. There is... by uagraw01 Motivator in Security 04-05-2024 0 3	0	3
Issue with excluding a decoded base64 command I have been working on decoding a base64 encoded command using the decrypt2 app. I have successfully decoded the stri... by vnarahari Loves-to-Learn Lots in Security 04-03-2024 0 2	0	2
searches skipped in the last 24hours. 500 internal server error. insufficient permission to access this resource when i try running a search on my Splunk enterprise in the search and reporting app i get the "insufficient permissio... by mfonisso Explorer in Security 04-02-2024 0 4	0	4
Hiding Splunk bar Dear Splunkers, My goal is to expose only some dashboards to external customer. Created a dedicated role and user wi... by slipinski Path Finder in Security 03-26-2024 0 3	0	3
Whats the vulnerability or risk of enabling automatic chart recovery in the analytics workspace ? I noticed in the hardening standards it states, "Disable automatic chart recovery in the analytics workspace. See Cha... by dm1 Contributor in Security 03-26-2024 1 1	1	1
How to Splunk Data Sentinel SIEM Migration \| 나머지 splunk_server=로컬 개수=0 /services/saved/searches \| 검색 비활성화=0 \| 표 제목,검색,* Splunk Web Search 쿼리를 사용하여 Json File을 사용... by Dom New Member in Security 03-21-2024 0 0	0	0
[systemd] splunk start keeps on asking to enter password I am running 7.3.3 using systemd and running into issues with running splunk restart as splunk user. I ran "splunk en... by sylim_splunk Splunk Employee in Security 03-20-2024 0 7	0	7