×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Mitch_TA_Debug
Explorer
Member since: ‎01-28-2025
‎06-16-2025
Community Statistics
Posts 4
Solutions 0
Karma Given 1
Karma Received 1
Member Since ‎01-28-2025
View All

Re: Heavy forwarder has many "TcpInputProc - Input...

by in Installation
‎06-10-2025 08:07 AM
1 Karma
‎06-10-2025 08:07 AM
1 Karma
Still an issue in 9.3.2   The concept of "ignore all INFO level" messages doesn't sit with me well as a solution, there are useful messages at that level. ... View more

Re: How do I set timezone properly in props.conf?

by in Getting Data In
‎04-25-2025 08:01 AM
‎04-25-2025 08:01 AM
Gravedigging for karma / answering questions left unanswered: This would be set in most cases on the receiving indexers props.conf.  And you are very right, in no case should ../default/ be modified. Create a ../local/ or a whole new app if you'd like with a ../local/props.conf If all you do is modify a local props.conf by adding a sourcetype stanza with TZ, there's no requirement to restart splunk, it should detect that change on its own. ... View more

Re: Risk Vulnerability Assesment for list_storage_...

by in Splunk Enterprise
‎03-25-2025 12:17 PM
‎03-25-2025 12:17 PM
Thanks for the insight. Does this also mean that, once authenticated with hypothetically stolen account credentials, an attacker could retrieve plaintext passwords simply with REST commands? ... View more

Risk Vulnerability Assesment for list_storage_pass...

by in Splunk Enterprise
‎03-19-2025 06:08 AM
‎03-19-2025 06:08 AM
Does anyone know of a risk assessment done for apps like the Cisco SNA addon Cisco Secure Network Analytics (Stealthwatch) App for Splunk Enterprise | Splunkbase that require all users to have list_storage_passwords capability?  Does this capability mean that users (once authenticated) could craft a request that would provide them with a sensitive password in plaintext? Thanks ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎06-16-2025 07:25 AM
Karma from
View All
Karma given to
View All