Splunk Enterprise Security

Splunk Enterprise Security
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Community Activity
pacifikn

How Can I adjust Splunk Enterprise security ?

Greetings!!! I am new user of splunk , and I would like to ask about splunk enterprise security, if there's any way ...
by pacifikn Communicator in Splunk Enterprise Security 10-28-2019
0 3
0
3
damode

COMPLEX migration and architecture. Please help validate.

Current State : We have below Splunk instances running 6.5.2 version 1 x Splunk ES1 x Indexer (Physical SBOX which ...
by damode Motivator in Splunk Enterprise Security 10-27-2019
0 1
0
1
vishaltv

using lookup values as input to variable

Splunk search query : index="something" | search hostname=variable using lookup file, map the variable value Plea...
by vishaltv Path Finder in Splunk Enterprise Security 10-25-2019
0 2
0
2
mikeclemson

Help needed capturing a regex and then grouping on it

I have unstructured data that can vary, and I want to find results that match exactly 32 lowercase a-z characters, an...
by mikeclemson New Member in Splunk Enterprise Security 10-25-2019
0 3
0
3
damode

No SSL certificate validation can be performed since no CA file has been provided

Splunk version 6.5.2 Getting the below error on Splunk SH with ES, 2019-10-25T00:45:02.649Z W CONTROL No SSL cert...
by damode Motivator in Splunk Enterprise Security 10-25-2019
0 1
0
1
Hegemon76

Field Extractor

Hello, The field extractor stops at line 20. If what I am looking for is on a line after that what can I do to pull ...
by Hegemon76 Communicator in Splunk Enterprise Security 10-25-2019
0 3
0
3
bishtk

Splunk itsi and splunk enterprise security on same indexer cluster

Hello Experts, Checking if we can plan and implement splunk itsi (on a separate sh cluster) and splunk es(on a separ...
by bishtk Communicator in Splunk Enterprise Security 10-25-2019
0 6
0
6
sumitkathpal

Splunk Enterprise Security adding new View and navigation

Hi All, I need to understand, we need to add new view and navigation tab to the Enterpirse Security app. But i need ...
by sumitkathpal Explorer in Splunk Enterprise Security 10-25-2019
0 1
0
1
damode

Where can I check Splunk Search Head compatibility with Indexers ?

I have Splunk Search Head version 6.5.2 with ES 4.5.2. I am planning to install Indexers of 7.3.x version. My plan is...
by damode Motivator in Splunk Enterprise Security 10-24-2019
0 2
0
2
anandhalagarasa

Use cases in Enterprise Secuirty

How to fetch and where to find what and all are the use cases which we have created till date in Enterprise Security ...
by anandhalagarasa Path Finder in Splunk Enterprise Security 10-23-2019
0 1
0
1
troyfred

Cloning information and forwarding to another splunk indexer from a splunk indexer

Issue: I am attempting to get a specific index from an internal splunk setup to an external one without clustering....
by troyfred Explorer in Splunk Enterprise Security 10-23-2019
0 0
0
0
gammah786

How to generate a report based on utilisation of AWS services covering cost & capacity management in Splunk?

Hi I would like some query's or a query combined into one which gives me information about the following point's •...
by gammah786 New Member in Splunk Enterprise Security 10-23-2019
0 0
0
0
sunitm

Splunk Component Reboot/Restart Detected

Hi, Is there a way to notify if any splunk components were restarted. For Example-Deployment servers, Search heads e...
by sunitm New Member in Splunk Enterprise Security 10-23-2019
0 2
0
2
N92

field extraction

Same sourcetype have two different patterns in that case how can I define field extractions? Because field extraction...
by N92 Path Finder in Splunk Enterprise Security 10-21-2019
0 4
0
4
cservin81

How I can extract two diferent events in a single search

Im new in this and I need some help with this for example I need to correlate two events from linux. my first searc...
by cservin81 Engager in Splunk Enterprise Security 10-20-2019
1 2
1
2
abwe

Discarding Specific type of traffic either on forwarder or indexer fails

Discarding Specific type of traffic either on forwarder or indexer fails, I tried to discard it using blacklist on fo...
by abwe Loves-to-Learn Lots in Splunk Enterprise Security 10-20-2019
0 2
0
2
sectrainingjk

Versions above 7.1 for UFMA?

The Splunkbase page says, "Splunk Versions: 7.1, 7.0, 6.6, 6.5" are supported. Perhaps this is futile, then (if so, ...
by sectrainingjk Explorer in Splunk Enterprise Security 10-19-2019
0 3
0
3
danielbb

Enterprise Search: What are the Recommended Fields?

The SA-cim-validator displays the recommended fields while the official documentation at Common Information Model Add...
by danielbb Motivator in Splunk Enterprise Security 10-18-2019
0 11
0
11
callumring

How to group similar events into one event

Hi, We have pulled logs from our Anti Virus software into splunk and are in process of trying to filter through what...
by callumring New Member in Splunk Enterprise Security 10-18-2019
0 3
0
3
paola92

Sonicwall data Enterprise Security

Hi, I integrated my firewall sonicwall using the guide for Dell Sonicwall Analytics and this applications is working...
by paola92 Explorer in Splunk Enterprise Security 10-17-2019
0 0
0
0
danielbb

Enterprise Security: How do we specify the proper fields for the correlated search?

When we create the correlated searches, how do we specify which fields will be visible in the notable event / inciden...
by danielbb Motivator in Splunk Enterprise Security 10-17-2019
1 2
1
2
raymondmorris

SPLUNK 7.x Fundamentals Part 1&2: Where could I find the total hours for each course?

I am in the the process of gathering CEUs for my CompTIA Sec+. In order to have CompTIA give me credit for the SPLUN...
by raymondmorris New Member in Splunk Enterprise Security 10-17-2019
0 1
0
1
splunk_zen

MSSQL Server TA - audit events scalability over hundreds of DBs

According to https://docs.splunk.com/Documentation/AddOns/released/MSSQLServer/SQLServerconfiguration Audit even...
by splunk_zen Builder in Splunk Enterprise Security 10-17-2019
0 1
0
1
mikeytheb

MIL-STD-1472G Compliance

I have a Government customer asking me to provide Splunk compliance with MIL-STD-1472G. Since Splunk sells to local,...
by mikeytheb New Member in Splunk Enterprise Security 10-16-2019
0 1
0
1
raja480

Splunk windows TA flow chart

Can some one draw a flowchart or work flow of TA works in splunk ? Need to know If Addon installed in HF/UF , indexe...
by raja480 New Member in Splunk Enterprise Security 10-16-2019
0 1
0
1
Get Updates on the Splunk Community!

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

We are excited to announce that the upcoming releases of Splunk Enterprise 10.2.x and Splunk Cloud Platform ...

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

After a whole week of being on call, you fell asleep on your keyboard, and you hit a sequence of buttons that ...
Top Solution Authors
View All