Security

Community Activity

Getting error when using package toolkit - issue in manifest file? I've been trying to package the app using the package toolkit and found an interesting issue. I have an older manifes... by mlstom New Member in Security 05-14-2024 0 1	0	1
Splunk web certification configuration Hello Splunkers!! I want to configure SSL certificate in Splunk so that my Splunk web URL communicate over https. T... by uagraw01 Motivator in Security 05-14-2024 0 3	0	3
How to stop a read-only user from deleting knowledge objects (ie. reports)? I was surprised to find that a user with read-only permissions can delete a report. Surely my Splunk set up is incorr... by mikeydee Explorer in Security 05-14-2024 1 1	1	1
Splunk web page can't reach this page Hi team, I had upgraded from 9.0.5 version to 9.1.2 and upgradation successfully completed, but splunk web page can't... by vijreddy30 Loves-to-Learn Everything in Security 05-13-2024 0 2	0	2
How to correlate two rules/alert into a third Hello everyone,How can I correlate two alerts into a third one?For instance:I have alert 1 and alert 2 both with medi... by matheusvortex Loves-to-Learn in Security 05-13-2024 0 5	0	5
Splunk Akamai API Hi , I am trying to achieve an automation whereon i will be running a query and then passing the IP's which i need t... by RahulMisra1 Explorer in Security 05-10-2024 0 5	0	5
Has anyone else run into this Product Version info error? Not sure what happened this morning but I was unable to log in as admin. I noticed that it had orphan some of my aler... by flyers777 Explorer in Security 05-09-2024 1 5	1	5
how to configure SSL on Windows i have a file with CRT extension from the third party. I am trying to convert the file into PEM but unable to get it ... by abhi_2985 Observer in Security 05-08-2024 0 9	0	9
Splunk SSL certificate decryption error Hello there!After following this docs https://docs.splunk.com/Documentation/Splunk/9.2.1/Security/Howtoself-signcerti... by Haleb Path Finder in Security 05-07-2024 0 2	0	2
Confusion about setting up data model acceleration Hello. I'm a Splunk newbie.There is confusion about setting up data model acceleration.According to the official docu... by munang Path Finder in Security 05-07-2024 0 13	0	13
test AD environment I have the following environment: 1 HF -> 1 indexer -> 1 SH , code 9.1How do I onboard the AD controller data into my... by stefani Explorer in Security 05-06-2024 1 5	1	5
Why can't admins see private Orphaned Scheduled Searches, Reports, and Alerts Splunk version is 9.1.0.2We are trying to resolve searches that are orphaned from the report "Orphaned Scheduled Sear... by SReopelle Loves-to-Learn in Security 05-03-2024 0 3	0	3
How to find KOs owned by inactive users? pls whats the better way to create a search query for identifying knowledge object from inactive users and cleaning i... by whitecat001 Explorer in Security 05-03-2024 0 2	0	2
Field Extraction from Indexed field Hi All,I am trying to extract a value from the indexed field. i.e from source field . I have added the regex in props... by Poojitha Communicator in Security 05-03-2024 0 3	0	3
Deployment Server - Changes not pushed even though there is successful phonehome connection Hi All,I have setup new deployment server and new heavy forwarder. There is successful phonehome connection when I ch... by Poojitha Communicator in Security 05-02-2024 0 3	0	3
SOAR with Splunk Enterprise. Hello, I want to use SOAR with Splunk Enterprise. The two work together so that I do not buy Splunk ES. Therefore, I ... by tuts Path Finder in Security 04-30-2024 0 2	0	2
Name change - urgent I really need splunk to update my name. I have raised ticket twice and both time I was told 'it's not their job and p... by roywan New Member in Security 04-29-2024 0 2	0	2
Cannot determine this apps python compatibility: Mission Control Tje splunk readiness app, cannot determine if Mission Control app is python compatible by heres Observer in Security 04-29-2024 0 1	0	1
How to normalise the fields via OCSF Has anyone implemented OCSF model in your Splunk security practise. Got a rough idea in this and about to start the a... by NAGA4 Engager in Security 04-29-2024 0 1	0	1
"View on Mobile" button automatically creates Authentication Token? Hi fellow Splunkers,i recently came across an authentication Token created by splunk-system-user and i had no clue wh... by TheEggi98 Path Finder in Security 04-26-2024 1 1	1	1
Using relaystat with SAML Hi allI have a question about using relaystate with SAML when using Azure Ad B2C as the Idpwe successfully managed to... by aamer86 Path Finder in Security 04-23-2024 0 0	0	0
How to convert Millsec to Seconds Hi Team How to convert millsec value to seconds index=testing \| timechart max("event.Properties.duration") Can anyo... by jaibalaraman Path Finder in Security 04-22-2024 0 5	0	5
How to creaate Splunk authentication with CAC / Smart Card and LDAP for Authorization? Hello, We are using Splunk with CAC / Smart Card authentication and want to add to our configuration the ability to m... by jramnanitandem Explorer in Security 04-16-2024 0 10	0	10
Need to Change the Max Lines from 5 to 20 Hi Team,Our Splunk Search heads are hosted in Cloud and managed by Support and currently we are running with the late... by anandhalagaras1 Contributor in Security 04-16-2024 0 4	0	4
Data Masking Before Ingestion Hi Team,Want to mask two of the fields "password" and "cpassword" from the events which are getting written with the ... by anandhalagaras1 Contributor in Security 04-15-2024 0 8	0	8