...andling large numbers of assets and/or identities. I increased the maximum bundle size to 4GB, but still had to distribute the entire huge bundle every time an identity changed. Is there an o...
OK, just to go over the information flow to ensure all is working (needless to say it isn't--I'm missing something)
ISE via syslog to one machine (Ubuntu server) running syslog, indexer, and searc...
I'm attempting to configure SSO for Splunk with ADFS as the IdP. I have mapped an Active Directory group to the admin group in Splunk like this:
[rolemap_SAML]
admin = splunk_admin
W...
I am having an issue with the time stamp on one of my apps. They will group together if the time stamp is identical in the event.
Example:
Jun 7 17:37:31
Jun 7 17:37:31
However, t...
Hi, has anyone worked with Assets and identity from Splunk Enterprise Security? I already have the App "Splunk Supporting Add-on for Active Directory" installed. From the app I do connection tests a...
Hi,
I'm facing the situation that there is the identical stanza twice within a single conf file.
E.g.
authorize.conf
[role_admin]
srchIndexesDefault = main
[role_admin]
s...
...f these configurations also define the inputs, and the input is an API call to Okta API, I want to avoid the scenario where all three indexers are pulling the same data from the Okta API. Is there a...
...3 messages have not been written to info.csv. Please refer to search.log for these messages or limits.conf to configure this limit.
[********.COM] Error 'Could not find all of the specified lookup f...