...e are in the process of validation of the ITSI dashboards, ExternalLoginsMap is one of them, and we realized that the extracted source IP (c_ip field) corresponds to our load balancer (XXX.XXX...
I'm using VirtualBox as a Virtual machine with CentOS 7 on it. I have used a NAT-adapter with port forwarding and a Host-only adapter. On the NAT-adapter I used port-forwarding for connecting to ssh ...
I'm checking to see if i can embed an external web page which requires a login to the splunk dashboard. I'm able to add the web page to a panel using iframe, but it is not letting me log in. Any i...
Hello everyone I'm fairly familiar with routing data based on the logs themselves, however, I was wondering if there was a way to call an externalmapping table in the transfoms.conf file. &n...
I have mapped an AD group to Splunk's admin role. However, users are still unable to login.
After a bit of researching, I realised (from User name attribute setting within Splunk's LDAP strategy c...
Guys, I am trying to specifically see if I can distinguish when the login attempts are coming from an external source. What else can I add to this search?
```| tstats summariesonly=t a...
splunk UI search <--> external lookup script on splunk server <--> Remote server CLI
Whenever user logs in to splunk UI and does a specific search, the python external lookup script o...
So I finally got LDAP strategy to work. NOw in Actions > Map Groups I can see the OU's I set up under LDAP Group Name. I see the LDAP Users populated with users from the OU for each LDAP Group N...