Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About PCT80000
PCT80000
Explorer
Member since:
03-03-2015
12-10-2021
Community Statistics
| Posts | 12 |
| Solutions | 0 |
| Karma Given | 1 |
| Karma Received | 1 |
| Member Since | 03-03-2015 |
Activity Feed
- Posted Use of DUO SSO with Splunk on prem? on Splunk Enterprise. 12-10-2021 09:13 AM
- Karma adding Threat feed to Enterprise Security for sabaKhadivi. 11-16-2020 03:30 AM
- Got Karma for Data Inventory Introspection not completing in 3.0.0. 06-05-2020 12:50 AM
- Posted Data Inventory Introspection not completing in 3.0.0 on Splunk Enterprise Security. 10-29-2019 05:39 AM
- Tagged Data Inventory Introspection not completing in 3.0.0 on Splunk Enterprise Security. 10-29-2019 05:39 AM
- Tagged Data Inventory Introspection not completing in 3.0.0 on Splunk Enterprise Security. 10-29-2019 05:39 AM
- Posted Re: Why has AeroHive Security stopped working after the recent firmware update? on All Apps and Add-ons. 03-28-2019 08:00 AM
- Posted Why has AeroHive Security stopped working after the recent firmware update? on All Apps and Add-ons. 02-06-2018 07:38 AM
- Tagged Why has AeroHive Security stopped working after the recent firmware update? on All Apps and Add-ons. 02-06-2018 07:38 AM
- Tagged Why has AeroHive Security stopped working after the recent firmware update? on All Apps and Add-ons. 02-06-2018 07:38 AM
- Tagged Why has AeroHive Security stopped working after the recent firmware update? on All Apps and Add-ons. 02-06-2018 07:38 AM
- Posted Re: How do you convert an indexer into a heavy forwarder? on Getting Data In. 11-13-2017 02:10 AM
- Posted Re: How do you convert an indexer into a heavy forwarder? on Getting Data In. 11-09-2017 08:56 AM
- Posted Re: How do you convert an indexer into a heavy forwarder? on Getting Data In. 11-09-2017 08:15 AM
- Posted Re: How do you convert an indexer into a heavy forwarder? on Getting Data In. 11-09-2017 01:58 AM
- Posted Re: How do you convert an indexer into a heavy forwarder? on Getting Data In. 11-08-2017 10:05 AM
- Posted How do you convert an indexer into a heavy forwarder? on Getting Data In. 11-08-2017 09:31 AM
- Tagged How do you convert an indexer into a heavy forwarder? on Getting Data In. 11-08-2017 09:31 AM
- Tagged How do you convert an indexer into a heavy forwarder? on Getting Data In. 11-08-2017 09:31 AM
- Tagged How do you convert an indexer into a heavy forwarder? on Getting Data In. 11-08-2017 09:31 AM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 1 | |||
| 0 | |||
| 0 |
12-10-2021
09:13 AM
Hi all, We have Splunk on-prem and have recently started using DUO for authentication. We are interested in knowing if anyone has configured SSO for their Splunk and how they did it? The DUO documentation points at having to install a Duo Access Gateway. At the moment we have an AD sync to Duo but no D.A.G. We also have access to Azure and wondered if we could use that as an identity provider instead? Thanks!
... View more
Labels
- Labels:
-
administration
-
configuration
10-29-2019
05:39 AM
1 Karma
We have upgraded the app to 3.0.0, but now we cant get the Data Inventory Introspection to complete.
In the previous version under the beta tab, there was an additional button to the right of the "play\pause" button. You were also able to expand the status window and manually correct individual searches.
The result is that we cant use the MITRE ATT&CK framework view any more. Nothing is being shown as active content.
... View more
03-28-2019
08:00 AM
Hello Thomas,
Sadly no. We will probably switch to a new wifi system that gives us better monitoring.
... View more
02-06-2018
07:38 AM
Since a firmware update of the access points in October 17 (8.1R2) this app stopped working. It seems that the information provided from the syslog has been drastically reduced. A recent update has increased this slightly, but not to the level where it is useful for the Splunk app.
Are there any plans to restore this functionality?
... View more
11-13-2017
02:10 AM
Brilliant, thanks for all your help
... View more
11-09-2017
08:56 AM
thanks xavierashe. Would we still need to have the indexer running in this config?
... View more
11-09-2017
08:15 AM
What we need is to get the syslog event data to the two new indexers.
We were hoping that the existing old indexer would use its inputs.conf to process the many different syslog tcp ports into events for the correct indexes. We dont know if changing the outputs.conf to point at the new indexers would just mean that the syslog tcp would be sent directly to the new indexers, or if it will be event data.
... View more
11-09-2017
01:58 AM
would we need to change indexAndForward to true in order for the server to continue to resolve events from different syslog tcp ports into the correct indexes and then forward these on. Is this what defines a heavy forwarder?
... View more
11-08-2017
10:05 AM
We could do this, but it is an appliance supplied by Balabit (SyslogNG-StoreBox). I dont think we have access to install splunk.
... View more
11-08-2017
09:31 AM
Hello all,
We are replacing our single Splunk indexer with a pair of new indexers and have migrated all the indexes except those filled by syslog sources.
We know that sending syslog straight to an indexer is not best practice, so we are now looking at directing this to SyslogNG first. However, we would like to make use of the old Splunk indexer server to take the output of syslogNG and load balance it to the two new indexers.
What we don't understand is if this is simply a matter of editing the old indexers outputs.conf or if the indexer will still need to function to take the different UDP data input ports and direct them to the correct indexes.
Thanks in advance!
... View more
10-27-2017
06:47 AM
That matches our perms. Apologies but I can't think of any other suggestions here.
... View more
10-27-2017
04:57 AM
Hello,
Is it worth checking permissions to the .conf file containing the password? Our installation holds this in \local\passwords.conf
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
12-10-2021
12:34 PM
|
