Splunk Enterprise Security

Community Activity
tarun2505
Hi Team, Could you help me integrating NextDNS (Community App) with Splunk. I have downloaded and configured the app b...
by tarun2505 Engager in Splunk Enterprise Security 06-16-2025
0 2
splunk_zen
As the default ES DMA schedule is every 5min, and the ACCELERATE_DM_Splunk_SA_CIM*ACCELERATE jobs TTL is 24h, our di...
by splunk_zen Builder in Splunk Enterprise Security 06-16-2025
0 5
Amire22
Hello I have a search head configured with assets and identity from current ad domain. I have 5 more ad domains without...
by Amire22 Explorer in Splunk Enterprise Security 06-12-2025
0 2
vy
Hi Team, I have a notable event (Excessive Failed Logins on Multiple Targets) that I'm expecting to see the "dest" fie...
by vy Explorer in Splunk Enterprise Security 06-11-2025
0 4
splunker21666
Hi I would like to add an additional Threat Intelligence Feed to the collection of the Intelligence Downloads in Enter...
by splunker21666 Engager in Splunk Enterprise Security 06-04-2025
2 1
hikan
Hi, We are using Splunk Enterprise on-premise. Now, I launched another one with a trial license and I would like to tes...
by hikan Engager in Splunk Enterprise Security 06-04-2025
0 1
SCK
Context: We have Splunk ES setup on-prem. We want to extract the required payloads through queries, generate scheduled ...
by SCK Loves-to-Learn in Splunk Enterprise Security 05-28-2025
0 2
jagan_jijo
Hi everyone, I'm working on improving our incident response and monitoring setup using Splunk, and I have a few questi...
by jagan_jijo Engager in Splunk Enterprise Security 05-23-2025
0 3
vikashumble
Hello All, I have a question which I am not able to find an answer for. Hence looking for ideas, suggestions etc from ...
by vikashumble Explorer in Splunk Enterprise Security 05-22-2025
0 2
Eric_Rak
Environment: Splunk Enterprise 9.x (Windows, On-Prem) Domain: mydomain.duckdns.org (via DuckDNS) Certbot for Let’s Encry...
by Eric_Rak Loves-to-Learn Lots in Splunk Enterprise Security 05-20-2025
0 1
kneubi
Hi We upgraded our ES7 to ES8 onprem and are testing it. We currently have the issue, that the created investigations ...
by kneubi Engager in Splunk Enterprise Security 05-15-2025
0 4
koshyk
hi folks, the scenario is like below- have Enterprise security (ESS) in Splunk cloud + ESCU (content updates) as part...
by koshyk Super Champion in Splunk Enterprise Security 05-13-2025
0 2
Nawab
I have installed ES on deployer as suggested by splunk docs, then transferred this app to /opt/splunk/etc/shcluster/ap...
by Nawab Communicator in Splunk Enterprise Security 05-08-2025
0 8
666Meow
Support Portal is broke and I am unable to submit a case due to one of the required fields being unable to select (se...
by 666Meow Explorer in Splunk Enterprise Security 04-30-2025
0 3
WorapongJ
I am trying to create a new finding-based detection to group findings together when the risk score exceeds a threshol...
by WorapongJ Explorer in Splunk Enterprise Security 04-28-2025
0 0
siv
Can Splunk read a CSV file located on a remote server using a forwarder and automatically upload it as a lookup? What ...
by siv Explorer in Splunk Enterprise Security 04-25-2025
0 4
sureshkumaar
Hi All, I have 4 Heavy forwarder servers sending data through 5 indexers server1 acts as syslog server which has...
by sureshkumaar Path Finder in Splunk Enterprise Security 04-23-2025
0 4
EFonua
We have an alert showing users that are authenticating after working hours for security reasons, I'm sure y'all famil...
by EFonua Observer in Splunk Enterprise Security 04-17-2025
0 1
agentsofshield
Hello, I've recently encountered a problem with the severity level within the ARAs, my current severity level for thi...
by agentsofshield Path Finder in Splunk Enterprise Security 04-10-2025
0 1
mooredaCIP
Good day. I work in a heavily regulated critical infrastructure environment. Our compliance change management require...
by mooredaCIP Engager in Splunk Enterprise Security 04-08-2025
0 2
anissabnk
Hello, I'm having a problem with the colouring of a column in my table. I need to colour the AverageExecutionTime colu...
by anissabnk Path Finder in Splunk Enterprise Security 04-03-2025
0 6
Sai-08
Hello everyone, I need help with determining the time needed from an analyst to investigate the alert and close it ....
by Sai-08 New Member in Splunk Enterprise Security 04-02-2025
0 3
SOClife
All, We are investigating a move from v7 to v8. We currently rely heavily on the Investigation API however per the...
by SOClife Engager in Splunk Enterprise Security 04-01-2025
0 3
kmahanta_17
Hi Folks, Can anyone suggest or help me out on how to get prep for Splunk administration certification course and whic...
by kmahanta_17 Explorer in Splunk Enterprise Security 03-26-2025
0 3
WhitneySink
REGISTER HERE Tuesday, April 8, 2025  |  9AM–9:30AM PT Pizza Hut's Story of a Successful Migration for Greater Reliab...
by WhitneySink Splunk Employee in Splunk Enterprise Security 03-25-2025
0 0