***Notable response actions and risk response actions are always triggered for each result. ... View more

DB Connect 3.1.4 now supports OpenJDK 8. https://docs.splunk.com/Documentation/DBX/latest/ReleaseNotes/Releasenotes Update to 3.1.4 and your error will go away! ... View more

You can use ACLs. I got direction from this article to set this up in my CentOS test environment. https://unix.stackexchange.com/questions/176666/how-do-i-know-acls-are-supported-on-my-file-system#176731 From the article: Some filesystem types always have ACL available, regardless of mount options; this is the case for tmpfs, xfs and zfs. To check your filesystem: df -T If you're running with one of these filesystem types, you can set permissions as required by following this article: https://www.server-world.info/en/note?os=CentOS_7&p=acl examples: To set acl to a directory recursively: setfacl -R -m u:splunk:r /var/log getfacl -R /var/log To set acl for individual files: setfacl -m u:splunk:r /var/log/messages ll /var/log/messages If you are running a filesystem that does not have ACLs available natively, then here is an article to run through in your test environment: http://wiki.whyaskwhy.org/GNU_Linux/Permissions/POSIX_ACLs Take care. Brush your hair. ... View more