Security

Community Activity

Duo Security broken in Splunk 6.3 I'm using the Duo Security Splunk integration to provide 2FA on Splunk Web: https://www.duosecurity.com/docs/splunk ... by awurster Contributor in Security 10-20-2017 0 8	0	8
What is a good search for auditing when someone has accessed or attempted to access a folder on a Redhat 6.3 OS? Greetings, I'm utilizing Splunk Enterprise, and I'm wanting to audit whenever someone attempts to access and/or acce... by CodyQuinney New Member in Security 10-20-2017 0 1	0	1
Add-on certification procedure and time duration Dear Sir/Madam, we have developed the splunk add-on for the some vender storage array, we really want to involve the... by zhanghua_here New Member in Security 10-20-2017 0 2	0	2
LDAP mapping - how to find which groups led to this user? We have configured LDAP mapping groups rules. We have some users found in "Users" page, that we cannot determine how ... by ehudb Contributor in Security 10-18-2017 0 3	0	3
Which firewall logs are supported in Splunk? May I know which firewalls logs are supported and which format it should be. In my organization there is Checkpoint f... by Sagar0511 Explorer in Security 10-18-2017 0 2	0	2
User accounts I've tried to research this issue on my own, but, to no avail and I'm I'm at my wits end. Every so often, all my use... by marg224 New Member in Security 10-18-2017 0 10	0	10
Find user that have latest login I have a listed lookup table xxx . When I run the below search. it shows no results. inputlookup xxxx\|fields USERN... by florencegoh New Member in Security 10-16-2017 0 3	0	3
How can I reset the admin password for the Windows 7 version? Hi, how can I reset the admin password of Splunk Enterprise 6 trial version that was installed in a computer running ... by julivt Explorer in Security 10-16-2017 1 10	1	10
splunk starting as root user how to change this one? Hi Slunk starting as root user, I used chown -R splunk;splunk /opt/splunk/ and its caousing errors when I try to res... by kiran331 Builder in Security 10-14-2017 1 2	1	2
Problem with SAML authentication after updating to Splunk 7.0.0 I have upgraded to Splunk 7.0.0, and I am encountering with "Verification of SAML assertion using the IDP's certific... by vidhyaArumalla Path Finder in Security 10-12-2017 0 2	0	2
Got "Forbidden: Strict SSO Mode" after a fresh install Once I did a fresh install and try to login to web GU, I got "Forbidden: Strict SSO Mode". I didn't enable any SSO at... by daniel_splunk Splunk Employee in Security 10-10-2017 0 1	0	1
MSP and Enterprise License (To define pools from which license file) I have 2 licenses,one of which is using for 1 customer and other license is shared among n number of customers (MSP -... by ansif Motivator in Security 10-10-2017 0 1	0	1
Modifying the body of the email message for saved searches I have a saved search which sends an email to the users when a condition is met. I need to include an image in the bo... by Roozbeh59 New Member in Security 10-10-2017 0 1	0	1
"This license does not support being a remote master" error on Splunk Enterprise trial - why? I have a Linux server with Splunk Enterprise and splunk heavy forwarder installed. In the splunk log, I am getting th... by Monica7 New Member in Security 10-10-2017 0 17	0	17
License: Do I have to pay for an extra license in a hybrid environment? I'm planning an environment where I want to have all my universal forwarder clients to a local splunk server and this... by tomasnelson Explorer in Security 10-09-2017 0 2	0	2
Can you directly publish data from your Java application to Splunk Web? Hello there, I want to try and catch the spl query submitted on the web interface in my java application, process thi... by MarcHelou New Member in Security 10-09-2017 0 3	0	3
Can I reduce my common user role configuration stanzas? I was wondering if there was a clean way that I could reduce my stanzas in authorize.conf? I was hoping that similar... by paimonsoror Builder in Security 10-06-2017 0 5	0	5
How to disable realtime searches for the power user role? I'm wanting to disable real-time searches for the roles 'user' and power-user'. For the user role, I removed most of ... by skoelpin SplunkTrust in Security 10-04-2017 1 2	1	2
Search backwards matching on value in current search result Hello - I have a logging event like this one. We are searching on "Threshold Exceeded" AND "225" 9/26/17 13:45:18... by johnca00 New Member in Security 10-03-2017 0 1	0	1
SSL certificate for Splunk Web process -- can you verify these steps I'm taking? Just want to confirm process: 1. Create private key on splunk web 2. Create CSR from private 3. Pass to my CA authori... by pfabrizi Path Finder in Security 10-03-2017 1 1	1	1
Splunk 6.3 forwarder is not sending data using SSL however Splunk 6.6 is working fine with the same settings Splunk 6.3 forwarder is not sending data using SSL while Splunk 6.6 is working fine with the same settings. Followi... by reach2tushar Explorer in Security 10-02-2017 0 3	0	3
About SSO by ADFS Sorry about the rudimentary question. I am building an environment referring to the following site. https://www.splun... by oda Communicator in Security 10-02-2017 0 3	0	3
How do I edit permissions so customers can only view dashboards and reports? Hi, i wish to provide a Splunk application to our customers. But I do not want to provide them with 'search' capabili... by eranday New Member in Security 10-01-2017 0 1	0	1
JournalSliceDirectory: Cannot seek to rawdata offset 0, path="..." on running search in Splunk Web on Splunk non clustered indexer I am using Splunk 6.6.2 When I ran search in Splunk Web for index for more than 30 days timeline "index="indextest" ... by mouryagalla Explorer in Security 09-29-2017 1 4	1	4
Error message: domain needs 'min' and 'max' fields Hi I have run the following search ( Endpoint - Malware Daily Count - Context Gen) verified from a couple of differ... by frizzoS3 New Member in Security 09-29-2017 0 2	0	2