...arry over to enterprise security. On the Security Posture dashboard, the user I want to limit access of datato can see everything. This is because there are no restrictions in place on the "e...
...uposidly secure index
[role_user]
srchIndexesAllowed = index1
Our platform team is not necesserily allowed to see the data in the indexes we have, but they need to be able to administer Splunk...
Hi all,
I'm trying for the very first time to parse XML with Splunk.
My file is a Qualys report. Typically, however, I can' t use the Qualys Splunk app as I receive only the XML report file....
Has anyone had luck defining Anomali Limo as a TAXII feed in Splunk Enterprise Security (ES)?
Our internal STAXX app can connect to Anomali Limo as guest/guest and access multiple feeds. We r...
...n a single Windows server to test ingestion, sending to a custom index, and filtering events by the Splunk instance prior to indexing, and the UF isn't having any issues communicating or sending e...
Hi,
I am using OMS add-on. I have one index with one host,source and source type.
Now I want to limit accessto specific table like below:-
1. index=idx table=security-----------User1
2. i...
Hello. I'm new toSplunk. This may become obvious with my next question: I would like to restrict accessto certain hosts or fields on a per-user basis. IE. I might want our Help Desk to not be a...
Hi,
A quick question on how secure are our logs being stored in Splunk?
Understand the access rights for log files located in /opt/splunk/var/log/splunk only allows root to have read/write access...
...hrough a firewall to my indexer in the intranet.
If searched the splunk doku and found only one document:
https://docs.splunk.com/Documentation/Forwarder/7.3.5/Forwarder/Controlforwarderaccess
(I...