cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
afamuyiwa
Engager
Member since: ‎08-08-2017
‎06-05-2020
Community Statistics
Posts 4
Solutions 0
Karma Given 1
Karma Received 0
Member Since ‎08-08-2017
Activity Feed
View All

Re: Why can't I get the deployer to push apps to s...

by in Deployment Architecture
‎03-28-2019 07:43 PM
‎03-28-2019 07:43 PM
Did you resolve your issue? Experiencing the same issue myself. I tried to re-enter the passkey and shcluster label, then restart Splunk service. No luck ... View more

Qualys scan detecting various SSL certificate vuln...

by in Getting Data In
‎05-30-2018 10:28 AM
‎05-30-2018 10:28 AM
Our Qualys report detected various SSL certificate vulnerabilities for any devices using Splunk universal forwarder via 8090. We have deployment server configured to push configuration to servers running Splunk agent. After doing some research it appears we need to create a certificate on the deployment server and distribute to any server running Splunk agent. I'm curious to know which certificates I need to distribute. I was able to create self-sign certificates on the deployment server. I would like to resolve vulnerabilities detected by Qualys. I found the following documentation that cert authentication is not recommended for deployment and clients. - https://docs.splunk.com/Documentation/Splunk/7.1.0/Security/Securingyourdeploymentserverandclients Additional information: http://docs.splunk.com/Documentation/Splunk/7.1.0/Security/Howtoself-signcertificates http://docs.splunk.com/Documentation/Splunk/7.1.0/Security/HowtoprepareyoursignedcertificatesforSplunk Qualys Vulnerabilities: • X.509 Certificate SHA1 Signature Collision Vulnerability • SSL Certificate - Self-Signed Certificate • SSL Certificate - Expired • SSL Certificate - Subject Common Name Does Not Match Server FQDN • SSL Certificate - Signature Verification Failed Vulnerability • HTTP Security Header Not Detected ... View more

prevent specific syslog from routing to 3rd party ...

by in Deployment Architecture
‎01-21-2018 10:27 PM
‎01-21-2018 10:27 PM
Is it possible to prevent specific logs from routing to a 3rd party vendor? We have IPS system that is generating too much logs for our 3rd party vendor. Logs appear fine in our Splunk environment. My only dilemma is that our heavy forwarder receives logs from various network devices sending logs using UDP:514. Other than changing the port number on our IPS systems is their another way to use props.conf and transform.conf to avoid sending logs to a 3rd party vendor and keep the logs in Splunk only? ... View more

Re: Cisco eStreamer for Splunk: How to configure e...

by in All Apps and Add-ons
‎08-15-2017 01:44 PM
‎08-15-2017 01:44 PM
I'm running into the same issue as well. I have estreamer setup on a heavy forwarder with limited storage space. Does anyone have recommendation how much disc storage is required for the estreamer.log for at least 7 days of retention to start off with? ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:03 AM
Karma given to
View All