Splunk Enterprise Security

Community Activity
mikesangray
Trying to find out if the Splunk App for Enterprise Security 3.3.0 is compatible with Splunk 6.3. The site https://sp...
by mikesangray Path Finder in Splunk Enterprise Security 11-04-2015
0 3
ddavenpo
Our vulnerability scanner found the following "XSS vulnerability" - Can someone speak to the validity of this or why ...
by ddavenpo Explorer in Splunk Enterprise Security 11-04-2015
0 2
kmanson
I am trying to suppress an event "Account Deleted" and receiving the error "The provided search is not valid" when tr...
by kmanson Path Finder in Splunk Enterprise Security 10-31-2015
0 1
otan1010
How do I share objects such as custom searches (residing in another app) so that I can access them within Enterpris...
by otan1010 Explorer in Splunk Enterprise Security 10-27-2015
0 2
madcitygeek
Searches from our Enterprise Security search head seem to take a long time to hand off. How long? 15-16 seconds. Se...
by madcitygeek Explorer in Splunk Enterprise Security 10-26-2015
4 3
krish3
Below is my query to separate priority accounts of AD based on group name but I am unable to assign any priority base...
by krish3 Contributor in Splunk Enterprise Security 10-25-2015
0 2
faol
After enabling the Distributed Management Console on an Enterprise Security (ES) search head, searches stop returning...
by faol Explorer in Splunk Enterprise Security 10-22-2015
0 2
hcheang
Hello, I am using the threat intelligence lookup files from the Splunk App for Enterprise Security and the lookup fi...
by hcheang Path Finder in Splunk Enterprise Security 10-16-2015
0 1
shashank1990
I already have Splunk 6.2.6 on our infrastructure and have most of the logs already indexed. So does the pricing mod...
by shashank1990 New Member in Splunk Enterprise Security 10-13-2015
0 1
praveen_kamble
Dear Team, We are planning to use Splunk for monitoring (security) purposes as a SIEM service. What I wanted to ask ...
by praveen_kamble New Member in Splunk Enterprise Security 10-10-2015
0 2
gwalford
I am running some Nessus scanners - these systems have not yet been integrated with Splunk. Splunk's Enterprise Secu...
by gwalford Path Finder in Splunk Enterprise Security 10-07-2015
0 2
woodcock
According to section "Resolve Active Directory objects in event log files" in all versions of this document: http://...
by Esteemed Legend in Splunk Enterprise Security 10-01-2015
1 4
aweitzman
I'm trying to get some data to show up in the Enterprise Security 3.3 app on Splunk 6.2.3 on Windows, and it seems li...
by aweitzman Motivator in Splunk Enterprise Security 09-25-2015
0 2
pjb2160
Hello, I am wondering what the general thoughts of the Splunk community are in terms of which apps would you most re...
by pjb2160 Path Finder in Splunk Enterprise Security 09-21-2015
0 6
joshuamcqueen
Hey Splunkers, I'm getting an error in _internal that I can't seem to figure out. Every enabled app that has a csv ...
by joshuamcqueen Path Finder in Splunk Enterprise Security 09-20-2015
3 7
mikaelbje
Hi, The documentation for TA-Suricata states that it is CIM 4.2 compliant, but I am only seeing events from Suricata...
by mikaelbje Motivator in Splunk Enterprise Security 09-18-2015
1 3
btran
I have a non-admin user "testuser" added to a non-admin "testrole" I give testrole capabilities of edit_identitylooku...
by btran Explorer in Splunk Enterprise Security 09-15-2015
0 1
phoenixdigital
So it appears that the built-in tagging and field enrichment for the Splunk App for Enterprise Security is poorly con...
by phoenixdigital Builder in Splunk Enterprise Security 09-10-2015
1 2
DmitryTchersak
The DNS data model is not populating because out of the box neither ES nor the Windows Infrastructure app have the tag ...
by DmitryTchersak New Member in Splunk Enterprise Security 09-08-2015
0 2
Maheshparsi
Hi All, I need to know the features that are not available in the Splunk App for Enterprise Security that are availa...
by Maheshparsi Explorer in Splunk Enterprise Security 09-08-2015
0 2
jeff
Enterprise Security 3.3.1, Splunk 6.2.4. I have notable events being generated by correlation searches (for instance...
by jeff Contributor in Splunk Enterprise Security 09-04-2015
0 1
john_miller1
We were testing two externally hosted threat feeds. After adding them to the Splunk App for Enterprise Security usin...
by john_miller1 Explorer in Splunk Enterprise Security 09-03-2015
1 2
splunk2015P
Hello, I would like to know what are the steps to install and deploy Splunk & the Splunk App for Enterprise Security...
by splunk2015P New Member in Splunk Enterprise Security 09-03-2015
0 1
infosecdb
Hi Everyone, I am trying to concoct a regular expression in the Splunk App for Enterprise Security to find all SCCM ...
by infosecdb Engager in Splunk Enterprise Security 09-01-2015
0 1
may_aaron
I want to create a single value chart to illustrate total intrusion detection events, however, I want to limit the re...
by may_aaron Engager in Splunk Enterprise Security 08-31-2015
0 1