...uposidly secure index
[role_user]
srchIndexesAllowed = index1
Our platform team is not necesserily allowed to see the data in the indexes we have, but they need to be able to administer Splunk...
...arry over to enterprise security. On the Security Posture dashboard, the user I want to limit access of datato can see everything. This is because there are no restrictions in place on the "e...
Has anyone had luck defining Anomali Limo as a TAXII feed in Splunk Enterprise Security (ES)?
Our internal STAXX app can connect to Anomali Limo as guest/guest and access multiple feeds. We r...
Hi,
I am using OMS add-on. I have one index with one host,source and source type.
Now I want to limit accessto specific table like below:-
1. index=idx table=security-----------User1
2. i...
Hi all,
I'm trying for the very first time to parse XML with Splunk.
My file is a Qualys report. Typically, however, I can' t use the Qualys Splunk app as I receive only the XML report file....
Hello. I'm new toSplunk. This may become obvious with my next question: I would like to restrict accessto certain hosts or fields on a per-user basis. IE. I might want our Help Desk to not be a...
Hi,
A quick question on how secure are our logs being stored in Splunk?
Understand the access rights for log files located in /opt/splunk/var/log/splunk only allows root to have read/write access...
...ll data related to the group in a respective index. Network traffic, network security, antivirus, Windows Event Data, etc all in a single index for the group and give that group permissions to the i...
...hrough a firewall to my indexer in the intranet.
If searched the splunk doku and found only one document:
https://docs.splunk.com/Documentation/Forwarder/7.3.5/Forwarder/Controlforwarderaccess
(I...