We have set up a distributed sandbox system with release 8.1.2. We have configured scripted authentication on our search head based on the PAM scripts located in $SPLUNK_HOME/share/splunk/a...
Hi
We have just switched from native Splunk authentication to PAM scripted authentication.
We are running Splunk 6.3.4 under Linux SUSE, SLES 11.
After switching to PAM scripted authentication...
Hello,
I am requested to make a study on the possibility to integrate Splunk authentication/authorization with Cyberark PAM/PSM.
To get connected into Splunk, the users should g...
Hi, I want to rewrite the event based on some keyword in event.
For Example:
Junly 27 10:00:05 UTC IF_DOWN SYSLOG_DAEMON
So if I match SYSLOG from the event and add field in event on H...
...ocumentation on authentication.conf, it does not indicate that this can be done. I just wanted to know if this is not possible, or if it's just not documented well.
Basically I want to use both LDAP a...
We are trying to deploy Splunk with SSO according to documentation found on http://www.splunk.com/base/Documentation/4.1/Admin/Usesinglesign-onwithSplunk but are hitting a wall.
The suspicion i...
...istory of SSH (or even tty) logged-in users. I've found some shell wrappers like sudosh, rootsh, snoopy and so on but all of them have some disadvantages like only binary log format or it was not e...
...rom GoDaddy, on a server with the hostname of la.wiredrive.com. This is being used successfully for PAM based authentication of ssh and auth basic for other services so I do know it does play. A...
I am trying to create an alert to monitor for brute force attempt behavior for both Linux and Windows systems using a multisearch to stack my queries. I currently use the following query for Linux b...
...Therefore, I was wondering if anyone has successfully used a WBEM type client on Linux to do this (i.e. similar to how Cacti does it, I think) or if anyone is aware of some other similar type w...