Our biggest challenge right now is integrating Splunk with GCP data in general. The integration with GCP works but is not massively granular in collection terms and in mapping audit info to ES s...
I'm planning to start an integration between Splunk and ESET endpoint security cloud platform, but I am facing the following issue: the Syslog-ng server started receiving uncleared/encrypted logs f...
How to secure Splunk with Multi CA we are securing the Splunk Platform with ssl, data flow TOP as following, ufwd(subbranch)--->hfwd(subbranch)---->hfwd(global)--->indexer(global) The s...
We would like to bubble up alerts from Splunk to our alert management platform.
I see there are a couple of options, AWS SNS Topics, and a Webhook Alert.
With either of those there i...
Hi there! I am attempting to set up the Microsoft Security Add-On on our Splunk Cloud (Victoria Experience). I was able to install the app on the Splunk Cloud Platform, and understand m...
...rom Clayton Homes on how to build scalable security while moving to the cloud successfully and efficiently with Splunk. By deploying Splunk Enterprise Security, a data-centric modern information and e...
...upposedly secure index
[role_user]
srchIndexesAllowed = index1
Our platform team is not necessarily allowed to see the data in the indexes we have, but they need to be able to administer Splunk...
Hello, I recently upgraded the "Splunk Add-on for Microsoft Office 365" on my Splunk Heavy Forwarder to version 3.0.0, running on Splunk 8.1.4. I configured the "Cloud App Security" integration a...
I have been trying to configure the Linux Auditd app to get it 100% functioning. Some of the panes are working and some are not. The app is not integrated with Splunk Enterprise Security (ES) and r...