Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- About ktatis268
ktatis268
New Member
Member since:
01-24-2019
06-11-2020
Community Statistics
| Posts | 5 |
| Solutions | 0 |
| Karma Given | 0 |
| Karma Received | 0 |
| Member Since | 01-24-2019 |
Activity Feed
- Posted Re: Upgrading from Pingfederate App 1.0.1 to 2.0.0 on All Apps and Add-ons. 02-18-2019 12:01 PM
- Posted Re: Upgrading from Pingfederate App 1.0.1 to 2.0.0 on All Apps and Add-ons. 02-18-2019 06:47 AM
- Posted Upgrading from Pingfederate App 1.0.1 to 2.0.0 on All Apps and Add-ons. 02-01-2019 08:11 AM
- Tagged Upgrading from Pingfederate App 1.0.1 to 2.0.0 on All Apps and Add-ons. 02-01-2019 08:11 AM
- Tagged Upgrading from Pingfederate App 1.0.1 to 2.0.0 on All Apps and Add-ons. 02-01-2019 08:11 AM
- Posted Re: Modifying Permissions for Lookup Files viewed in the App on All Apps and Add-ons. 01-31-2019 06:47 AM
- Posted Modifying Permissions for Lookup Files viewed in the App on All Apps and Add-ons. 01-24-2019 01:06 PM
- Tagged Modifying Permissions for Lookup Files viewed in the App on All Apps and Add-ons. 01-24-2019 01:06 PM
- Tagged Modifying Permissions for Lookup Files viewed in the App on All Apps and Add-ons. 01-24-2019 01:06 PM
Topics I've Started
02-18-2019
12:01 PM
Finally had some time to troubleshoot this further and I've realized that our logs are not pulling in all of the events. Below are the 18 event types that I can search within Splunk. That's 18/76 eventtypes that come with the app that cannot be found. It also correlates with the only dashboards that seem to work. How would I go about fixing this issue? Is the app also supposed to exist on our indexers? Documentation says search center only.
am.password.change.failure
am.password.change.success
idp.access.authnattempt.failure
idp.access.authnattempt.inprogress
idp.access.authnattempt.success
idp.access.slo.failure
idp.access.slo.success
idp.access.sso.failure
idp.access.sso.success
idp.access.sts.failure
idp.access.sts.success
oauth.request.issue.failure
oauth.request.authorize.success
oauth.request.issue.success
oauth.request.authorize.failure
sp.access.sts.failure
sp.access.sts.success
sp.access.authnrequest.inprogress
... View more
02-18-2019
06:47 AM
Finally had some time to troubleshoot this further and I've realized that our logs are not pulling in all of the events. Below are the 18 event types that I can search within Splunk. That's 18/76 eventtypes that come with the app that cannot be found. It also correlates with the only dashboards that seem to work. How would I go about fixing this issue? Is the app also supposed to exist on our indexers? Documentation says search center only.
am.password.change.failure
am.password.change.success
idp.access.authnattempt.failure
idp.access.authnattempt.inprogress
idp.access.authnattempt.success
idp.access.slo.failure
idp.access.slo.success
idp.access.sso.failure
idp.access.sso.success
idp.access.sts.failure
idp.access.sts.success
oauth.request.issue.failure
oauth.request.authorize.success
oauth.request.issue.success
oauth.request.authorize.failure
sp.access.sts.failure
sp.access.sts.success
sp.access.authnrequest.inprogress
... View more
02-01-2019
08:11 AM
Hello all,
So after performing an upgrade of the Pingfederate app I'm not able to see any data being populated by the dashboards. The dynamic dropdown never gets to the point of loading anything to select. Attempting the searches in S&R does however yield results (albeit 0 for most of them which begs the question of whether or not it worked).
Has anyone been able to have success with this app. The documentation on it leaves a lot to be desired...
... View more
01-31-2019
06:47 AM
That suggestion is, unfortunately, a non-stater in our environment. We have multiple SHCs all of which have over 300+ lookup files... Most of these lookups are the ones that come baked-in with other apps/TAs.
There has to be a better way of obfuscating those files. The stanza below is not helping as I'd hoped.
[lookups]
access = read : [ ] , write : [ admin ]
... View more
01-24-2019
01:06 PM
Is it possible to obfuscate lookups that users are do not have access to? I don't think it makes sense to display lookups and kv-stores that the users don't have access to edit. Also they're able to open them in the viewer which may be a bit of a security breach.
We would like our users to only see what they can edit.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
06-11-2020
08:18 AM
|
