cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
alhoctamis
Explorer
Member since: ‎04-30-2020
‎07-05-2023
Community Statistics
Posts 8
Solutions 1
Karma Given 6
Karma Received 0
Member Since ‎04-30-2020
Activity Feed
View All

Re: After DB Connect upgrade from 3.8 to 3.10, it ...

by in Installation
‎09-30-2022 08:43 AM
2 Karma
‎09-30-2022 08:43 AM
2 Karma
I run into the same Issue when upgrading from 3.9 to 3.10. With this procedure I got it working again: Stop splunk rm -Rf /opt/splunk/etc/apps/splunk_app_db_connect/keystore/ rm -f /opt/splunk/etc/apps/splunk_app_db_connect/certs/identity.dat rm -f /opt/splunk/etc/apps/splunk_app_db_connect/certs/keystore_password.dat rm -f /opt/splunk/etc/apps/splunk_app_db_connect/jars/dbxquery.vmopts rm -f /opt/splunk/etc/apps/splunk_app_db_connect/jars/server.vmopts mv /opt/splunk/etc/apps/splunk_app_db_connect/local {backupfolder} Start Splunk Open the dbconnect app in the browser, on the welcome page, click the Configuration button. Configure the JDK setting and click save Restore db_connections.conf, db_inputs.conf and identities.conf to the splunk_app_db_connect/local folder. Restart Splunk On the configuration page go to Identities. Edit each identity, re-enter the password and save it. Also have a look on your input and output names. If there is a minus in the name it does not work again. The Names must match the regex \w+ otherwise it will crash in 3.10 ... View more

Splunk DB Connect access control not working as ex...

by in All Apps and Add-ons
‎09-01-2022 12:56 AM
‎09-01-2022 12:56 AM
Hello there, I am trying to implement some access control with DB Connect. I want to do something basic like: - users from role_a can only query db_a - users from role_b can only query db_b So I have meta files below: default.meta:     [] access = read [ admin , role_a, role_b ]     local.meta:     [db_connections/db_a] access = read [ role_a ] [identities/db_a] access = read [ role_a ] [db_connections/db_b] access = read [ role_b ] [identities/db_b] access = read [ role_b ]     As a result, when logged in as a user from role_a, as expected, I cannot see db_b connection/identity. However, I am still able to retrieve data from db_b using dbxquery:     | dbxquery "select ..." connection=db_b     It will still work despite not having read access to db_b connection/identity objects. Is there an additional metadata entry to limit dbxquery access to specified connections/identities, or dbxquery command does not take care of object permissions at all? ... View more
Labels

Re: What css is applied to a selected input link i...

by in Dashboards & Visualizations
‎02-01-2022 12:53 PM
‎02-01-2022 12:53 PM
I see! Thanks for the help abyhow ... View more

Re: Is there a simple way to get the current dashb...

by in Dashboards & Visualizations
‎07-28-2020 01:53 AM
‎07-28-2020 01:53 AM
It is possible by parsing view data using a background search: <search> <query>| rest splunk_server="local" /servicesNS/-/-/data/ui/views search="eai:acl.app=<app_name> label=<view_label>" | rex field="eai:data" "theme\=\"(?&lt;theme&gt;.+?)\"" | stats values(theme) as theme</query> <earliest>0</earliest> <latest></latest> <done> <set token="theme_tok">$result.theme$</set> </done> </search>   ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎07-05-2023 05:40 AM
Karma given to