Security

Community Activity

Problem with SAML authentication after updating to Splunk 7.0.0 I have upgraded to Splunk 7.0.0, and I am encountering with "Verification of SAML assertion using the IDP's certific... by vidhyaArumalla Path Finder in Security 10-12-2017 0 2	0	2
Got "Forbidden: Strict SSO Mode" after a fresh install Once I did a fresh install and try to login to web GU, I got "Forbidden: Strict SSO Mode". I didn't enable any SSO at... by daniel_splunk Splunk Employee in Security 10-10-2017 0 1	0	1
MSP and Enterprise License (To define pools from which license file) I have 2 licenses,one of which is using for 1 customer and other license is shared among n number of customers (MSP -... by ansif Motivator in Security 10-10-2017 0 1	0	1
Modifying the body of the email message for saved searches I have a saved search which sends an email to the users when a condition is met. I need to include an image in the bo... by Roozbeh59 New Member in Security 10-10-2017 0 1	0	1
"This license does not support being a remote master" error on Splunk Enterprise trial - why? I have a Linux server with Splunk Enterprise and splunk heavy forwarder installed. In the splunk log, I am getting th... by Monica7 New Member in Security 10-10-2017 0 17	0	17
License: Do I have to pay for an extra license in a hybrid environment? I'm planning an environment where I want to have all my universal forwarder clients to a local splunk server and this... by tomasnelson Explorer in Security 10-09-2017 0 2	0	2
Can you directly publish data from your Java application to Splunk Web? Hello there, I want to try and catch the spl query submitted on the web interface in my java application, process thi... by MarcHelou New Member in Security 10-09-2017 0 3	0	3
Can I reduce my common user role configuration stanzas? I was wondering if there was a clean way that I could reduce my stanzas in authorize.conf? I was hoping that similar... by paimonsoror Builder in Security 10-06-2017 0 5	0	5
How to disable realtime searches for the power user role? I'm wanting to disable real-time searches for the roles 'user' and power-user'. For the user role, I removed most of ... by skoelpin SplunkTrust in Security 10-04-2017 1 2	1	2
Search backwards matching on value in current search result Hello - I have a logging event like this one. We are searching on "Threshold Exceeded" AND "225" 9/26/17 13:45:18... by johnca00 New Member in Security 10-03-2017 0 1	0	1
SSL certificate for Splunk Web process -- can you verify these steps I'm taking? Just want to confirm process: 1. Create private key on splunk web 2. Create CSR from private 3. Pass to my CA authori... by pfabrizi Path Finder in Security 10-03-2017 1 1	1	1
Splunk 6.3 forwarder is not sending data using SSL however Splunk 6.6 is working fine with the same settings Splunk 6.3 forwarder is not sending data using SSL while Splunk 6.6 is working fine with the same settings. Followi... by reach2tushar Explorer in Security 10-02-2017 0 3	0	3
About SSO by ADFS Sorry about the rudimentary question. I am building an environment referring to the following site. https://www.splun... by oda Communicator in Security 10-02-2017 0 3	0	3
How do I edit permissions so customers can only view dashboards and reports? Hi, i wish to provide a Splunk application to our customers. But I do not want to provide them with 'search' capabili... by eranday New Member in Security 10-01-2017 0 1	0	1
JournalSliceDirectory: Cannot seek to rawdata offset 0, path="..." on running search in Splunk Web on Splunk non clustered indexer I am using Splunk 6.6.2 When I ran search in Splunk Web for index for more than 30 days timeline "index="indextest" ... by mouryagalla Explorer in Security 09-29-2017 1 4	1	4
Error message: domain needs 'min' and 'max' fields Hi I have run the following search ( Endpoint - Malware Daily Count - Context Gen) verified from a couple of differ... by frizzoS3 New Member in Security 09-29-2017 0 2	0	2
Why can't an authorized user login via LDAP? I have successfully configured LDAP to my organization's Active Directory and have several strategies configured; we ... by thelucas Explorer in Security 09-29-2017 0 3	0	3
Why is an Active Directory user unable to search or see any search results? Hi i have user that have permission in Splunk from Active Directory group and he can't search anything when he typ... by yossi New Member in Security 09-28-2017 0 4	0	4
Is anyone interested in closing the security holes that Splunk leaves open with mongod ? Splunk 6.4.2 (and back to 6.2.1) has the following issues: "[sslConfig]" stanza with parameter setting "enableSplunk... by USPSSplunkSuppo Explorer in Security 09-27-2017 3 4	3	4
Added LDAP bindings and now I'm unable to access Splunk through domain account Hi Team, I have added LDAP bindings, now I am unable to login using my domain account to a Splunk portal. Please adv... by venkatcool15 New Member in Security 09-27-2017 0 5	0	5
SAML v2.0 support in Splunk With the release of 6.3.0 Splunk supports natively supports SAML 2.0 I've got some questions about some sentences i... by vRob Engager in Security 09-26-2017 2 5	2	5
Is it possible in Splunk to know who has disabled a saved search and when? Hi! I would like to know is there a way to find out when a savedsearch has been disabled and who has disabled the sa... by MousumiChowdhur Contributor in Security 09-26-2017 3 1	3	1
IBM Siteprotector. Anybody use splunk to index IBM(ISS) SiteProtector events. Is there a syslog configuraton for Siteprotector? It has... by davecroto Splunk Employee in Security 09-26-2017 2 7	2	7
I want to Shows last login time for users who have ever logged into AIX. I want to Shows last login time for users who have ever logged in AIX. And enable the lastlog stanza: [script://./bin... by gif_support New Member in Security 09-26-2017 0 3	0	3
curl (35) error Rest API When I try to run this command in REST API curl -k -vvv -u user:pass -d "search=savedsearch %22My%20Search%22" https... by zackh123 Path Finder in Security 09-26-2017 0 7	0	7