Looks like Splunk could be very useful in performing an inventory of systems. I have a report that runs with these parameters:
Src_IP="10.3.30.*" | stats dc(Src_IP) as Src_IP by Security_ID S...
Folks,
I am looking to configure the Anomalous System Uptime report within the PCI app. As per the manual: "Relevant data sources for this report include uptime data extracted through scripts f...
Out of the box, Splunk is able to collect a lot of Windows data. But I also see many items on Splunkbase for Windows and related Microsoft technologies. Is there a complete list of apps and when to u...
index=system* sourcetype=inventory order=829
I am trying to extract the 3 digit field number in this search with rex to search all entries with only the three digit code. I tried:
index=system...
Hi there, looking into /opt/splunk/etc/system/local/authorize.conf I saw a lot of configurations as below. Would like to understand how this came about, and is it of any concern? t...
Good Afternoon
We are looking at a pilot project to use Splunk to help manage our desktop inventory using the Microsoft_windows_TA add-on and a universal forwarder installed on the desktops....
We are making some changes to our system which requires a field name in the raw event to be changed. We'd like to know the impact to all our users' searches and dashboards that make reference to t...
Hi,
Just wanna ask if Splunk has the ability to back up audit trails to a centralized log server or media as indicated in PCI DSS 10.5.3? Please, someone respond to my query. Thanks!