Hi everyone, I have started working in Splunk UBA recently, and have some questions: Anomalies: How long does it take to identify anomalies after receiving the logs usually? Can I define anomaly rules? Is there anywhere to explain the existing anomaly categories are based on what or will be looking for what in the traffic? Threats: How long does it take to trigger threats after identifying anomalies? Is there any source I can rely on for creating threat rules? As I am creating rules and testing but with no results. ... View more

Hi all, While I was registering to www.splunk.com I made a typo in my Company's name and chose the wrong location, can anyone support in how I can change this information? ... View more

Hello Splunkers! I am downloading the eStreamer TA for Splunk (Cisco Secure Firewall app), and I am facing the issue below:   /opt/splunk/etc/apps/TA-eStreamer/bin/encore$ openssl pkcs12 -in client.pkcs12 -nocerts -nodes -out "/opt/splunk/etc/apps/TA-eStreamer/bin/encore/10.1.50.10-8302_pkcs.key" Enter Import Password: Error outputting keys and certificates 802B49170A7F0000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:../crypto/evp/evp_fetch.c:349:Global default library context, Algorithm (RC2-40-CBC : 0), Properties ()   I understand that this error is related to Python package, but I can see that Python is already installed: Can anyone help me? ... View more

Hello! I have installed the kemp add-on from here: https://splunkbase.splunk.com/app/6830 . The issue is I cannot find a proper documentation on how to setup data and what sourcetype to specify in the inputs.conf . For more context, I am collecting the logs through syslog not API, so I need to specify the sourcetype in the inputs.conf for parsing to work properly. ... View more

Hello Splunkers! Is there a way to collect iPad logs? I saw the Mint iOS SDK documentation, but I don't find it clear. ... View more