Hello,
I've installed Centurion - Threat Hunting Feed Aggregator v1.0.1 on Splunk Enterprise version 7.2.9.1 and I need to configure a proxy for exit on the internet.
Any suggestion for where t...
This is a feature request
The app needs to support proxying requests to be used in enterprise environments. I've made a temporary hack in bin/dnsdb_query.py myself, but a supported proxy config i...
Looking to get the Splunk Stream "Ephemeral Streams" working for Enterprise Security (concept outlined here: https://www.splunk.com/blog/2015/02/13/splunk-app-for-stream-how-can-you-use-ephemeral-s...
...Firehose Nozzle in OpsMan and configured it to talk to HEC (Step 1). During this setup, I've enabled HttpEventType: cf:logmessage. By this I see platform metrics on my indexer (like gorouter e...
Hello, I have a working Splunk Enterprise and Splunk Universal Forwarder. I am using 2 different CentOS VM instances. I can successfully forward logs from UF to SE. I can also do search in here. A...
...SL AND TLS be turned off? Does turning off encryption features in Splunk break anything? Is this even possible with Splunk Enterprise?
I apologize for the general, high-level type of question, but t...
This post is not a question, but an enhancement request for Splunk Add-on for NetFlow Ver 3.0.1.
I installed Splunk Enterprise 6.2.5 and Splunk Add-on for NetFlow Ver 3.0.1 on a Linux server and configure...
...EBUG events to the appropriate index, which is configured to erase them after 1 month. (while other logs are archived)
- the second one is for the extraction of more readable source names.
I've t...
Hi All, I am new here and got an issue when I tried to connect Cisco AMP. Info: Splunk Enterprise Version: 8.0.3, Cisco AMP for Endpoints Events Input Version: 1.1.8. I have configured Cisco AMP (A...
Using Splunk Enterprise 6.4.1 on Linux. Hot/warm/cold are all on the same partition. All data should be deleted after 45 days, but searchable for the entire 45 days. Is there a formula of some s...