Related Answers
Splunk Enterprise version 9.0 will no longer be supported as of June 21, 2024. See the Splunk Software Support Policy for details. For information about upgrading to a supported version, see How to upgrade Splunk Enterprise.
Download topic as PDF
Add ports and logs
Use boolean toggles to add logs
SELinux provides options to toggle booleans. For example, to access /var/log in Splunk Enterprise while in Common Criteria mode, you can add it as a boolean that can be toggled off or on by the user.
Allow network ports
Splunk Enterprise supports Splunk Web and management ports in our policy. You can add rules to allow custom ports such as TCP, UDP etc. For more information, see Add custom policies.
Last modified on 01 February, 2017
|
PREVIOUS Add custom policies |
NEXT Uninstall Splunk |
This documentation applies to the following versions of Splunk® Enterprise: 7.3.3, 7.3.4, 8.1.1, 9.0.4, 9.0.5, 9.0.6, 9.0.7, 9.0.8, 9.0.9, 9.1.0, 9.1.1, 9.1.2, 9.1.3, 9.1.4, 9.2.0, 9.2.1
Feedback submitted, thanks!