×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
tfpblanchard
Explorer
Member since: ‎06-19-2014
‎06-05-2020
Community Statistics
Posts 6
Solutions 0
Karma Given 18
Karma Received 0
Member Since ‎06-19-2014
Activity Feed
Topics I've Started
No posts to display.
View All

Re: FilesystemChangeWatcher - error getting attrib...

by in Getting Data In
‎02-22-2023 04:37 AM
‎02-22-2023 04:37 AM
I had the same error, I fixed it by giving splunk user read access to the  logs and the directory they reside in. ... View more

Re: Security Concern: Does Splunk Need A Shell

by in Security
‎09-22-2021 05:13 AM
‎09-22-2021 05:13 AM
Yes I confirm, as of today on a CentOS 6 server we tested to modify the shell for splunk user from /bin/bash to /sbin/nologin On this server it is running the Splunk Universal Forwarder. After having modified the /etc/passwd file and restarted the Splunk Universal Forwarder it is still working, as well as the scripts directly launched by it. #to modify the shell usermod -s /sbin/nologin splunk #to restart the Universal Forwarder /etc/init.d/splunk restart   ... View more

Re: Permissions on /var/log

by in Security
‎11-20-2019 11:52 AM
‎11-20-2019 11:52 AM
For privileged ports, I prefer either a reverse proxy server or an iptables redirect https://www.cyberciti.biz/faq/linux-port-redirection-with-iptables ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM
Karma given to