Hi,
I am developing a plugin for my organisation's security configuration compliance auditing system, and some Windows Server-based devices have come into scope which are using the Splunk U...
We are running a Splunk cluster (version 8.1.2) and trying to secure the forwarding from the Universal Forwarders (also version 8.1.2) to the Heavy Forwarders in our cluster. I've followed the d...
...hey are available on all the others applications.
The trouble is that I do not understand why my Global configuration files are not available from the Entreprise Security application, is that n...
Hi,
With Splunk Enterprise it's possible to secure Splunk Web with your own certificate by copying your server certificate to /auth/splunkweb and doing some configuration in system/local/w...
Hi All, We have recently installed Enterprise Security but strangely the default dashboard doesn't display the indexes we have in our environment. Initially I though the indexes are not CIM c...
Hi Everyone, I'm looking for some Splunk Enterprise Security tips, maybe in the form of a cheatsheeet. Specific topics of interest: 1. Recommended 'base apps' for ES, eg: CIM ESCU CIM-V...
...etwork, 172.1.1.15 (desktop) and 172.1.2.15(server). Bob, who uses the desktop 172.1.1.15 RDP’s to 172.1.2.15 once a month to do a report. Under the current configuration, Bob’s RDP access generates a...
Need your expert advice about Splunk Ent. & Enterprise Security (ES) Backups + Disaster Recover + HA advice please. Any steps to succeed in this project specially in AWS environment is a...
...erver.
Lets assume if i m ingesting a 300GB/day in splunk and i have 5 administrative users using search head then the highlighted below is good to follow.
If i am adding Enterprise secur...