For SplunkEnterprise, Splunk Light and HUNK default root certificates prior to 6.3 will expire on July 21, 2016
What are the suggested recommendations?
I am looking for advices on how to plan the backup and storage of "My Investigations" data in the SplunkEnterpriseSecurity (ES).
Two questions regarding this:
1- How to configure and manage t...
Hey! We upgraded toSplunkEnterpriseSecurityto the latest version a few weeks ago. Before, it was on Version 4.x I believe. It was detecting events before we upgraded and after the upgrade, no m...
...EnterpriseSecuritySuite) from etc/shcluster/apps to etc/apps folder Ran the upgrade command – (/opt/splunk/bin/splunkinstall app ./splunk-enterprise-security_620.spl -update 1) Ran the essinstall command as per the in...
How to get details of a Notable event using API - event_id hash, rule_id, severity, urgency etc
How to get a Notable event from a sid and how does a Notable event relate to an Incident
Is t...
Hello,
We use Splunk 6.2.0 and the server.pem certificate will be expired in 10 days:
openssl x509 -in /opt/splunk/etc/auth/server.pem -text -noout | grep "Not After"
Not After : Dec 1...