×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
bmarona
Explorer
Member since: ‎02-11-2020
‎05-26-2021
Community Statistics
Posts 7
Solutions 1
Karma Given 2
Karma Received 0
Member Since ‎02-11-2020
Activity Feed
View All

Re: Command ldapsearch and collect to index data

by in Splunk Enterprise
‎01-22-2021 03:38 AM
‎01-22-2021 03:38 AM
@scelikokUnfortunately | table _raw doesn't work - it still connects events into one big event. So I believe I need to stick to a table version of attributes which is much worse in regards to readability. ... View more

Re: Deployment Client downloads configuration from...

by in Deployment Architecture
‎09-10-2020 04:53 AM
‎09-10-2020 04:53 AM
Hi, I know what was the issue. I found in one app a serverclass.conf file with stanza: [global] excludeFromUpdate = $app_root$/local The setting was no longer needed so i have disabled it and DS deploys configuration to Splunk local dir. ... View more

Re: |rest - different results for admin and power ...

by in Security
‎03-27-2020 08:10 AM
‎03-27-2020 08:10 AM
Hi, Have you tried to provide edit_user capability to power user? Here is description of edit_user capability. edit_user Lets the user create, edit, or remove users. A role with the edit_user capability can assign any role to other users. To limit this ability, configure grantableRoles in authorize.conf. For example: grantableRoles = role1;role2;role3. Also lets a user manage certificates for distributed search. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎05-26-2021 06:58 AM
Karma given to
View All