https://community.splunk.com/t5/Monitoring-Splunk/LDAP-Request-Monitoring/m-p/519361#M4453 <P>Hello,</P><P>I'm a complete newbie to Splunk so correct me if I'm wrong somewhere.</P><P>I'm trying to monitor LDAP request, I have more than 21sites in our Domain.</P><P>I'm using the Splunk App for Windows Infrastructure and IT Operation.</P><P>Is there any way I can get 30days LDAP request from these applications or Splunk.</P><P>I'm taking out the logons weightage but it is taking almost forever to even get 5 days records -&nbsp;</P><P>&nbsp;</P><P><STRONG><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Dashboard_1" style="width: 999px;"><img src="https://community.splunk.com/t5/image/serverpage/image-id/10803i9C36298B2BD13567/image-size/large?v=v2&amp;px=999" role="button" title="Error401_1.png" alt="Dashboard_1" /><span class="lia-inline-image-caption" onclick="event.preventDefault();">Dashboard_1</span></span><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Dashboard_1" style="width: 999px;"><img src="https://community.splunk.com/t5/image/serverpage/image-id/10804i461036AB1EDDB88C/image-size/large?v=v2&amp;px=999" role="button" title="Error401_2.png" alt="Dashboard_1" /><span class="lia-inline-image-caption" onclick="event.preventDefault();">Dashboard_1</span></span></STRONG></P><P><STRONG>Note - I don't have any admin privilege and no configuration can be allowed in the Splunk. Only READ-ONLY mode is available, I cannot run any query.</STRONG></P><P>HELP ME SUGGEST SOMETHING SO THAT I CAN GET THE LDAP REQUESTS FROM THE DC.</P><P>TOTAL DC COUNT - 69</P><P>&nbsp;</P><P>THANKs</P> Mon, 14 Sep 2020 08:10:04 GMT Error401 2020-09-14T08:10:04Z https://community.splunk.com/t5/Monitoring-Splunk/LDAP-Request-Monitoring/m-p/519361#M4453 <P>Hello,</P><P>I'm a complete newbie to Splunk so correct me if I'm wrong somewhere.</P><P>I'm trying to monitor LDAP request, I have more than 21sites in our Domain.</P><P>I'm using the Splunk App for Windows Infrastructure and IT Operation.</P><P>Is there any way I can get 30days LDAP request from these applications or Splunk.</P><P>I'm taking out the logons weightage but it is taking almost forever to even get 5 days records -&nbsp;</P><P>&nbsp;</P><P><STRONG><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Dashboard_1" style="width: 999px;"><img src="https://community.splunk.com/t5/image/serverpage/image-id/10803i9C36298B2BD13567/image-size/large?v=v2&amp;px=999" role="button" title="Error401_1.png" alt="Dashboard_1" /><span class="lia-inline-image-caption" onclick="event.preventDefault();">Dashboard_1</span></span><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Dashboard_1" style="width: 999px;"><img src="https://community.splunk.com/t5/image/serverpage/image-id/10804i461036AB1EDDB88C/image-size/large?v=v2&amp;px=999" role="button" title="Error401_2.png" alt="Dashboard_1" /><span class="lia-inline-image-caption" onclick="event.preventDefault();">Dashboard_1</span></span></STRONG></P><P><STRONG>Note - I don't have any admin privilege and no configuration can be allowed in the Splunk. Only READ-ONLY mode is available, I cannot run any query.</STRONG></P><P>HELP ME SUGGEST SOMETHING SO THAT I CAN GET THE LDAP REQUESTS FROM THE DC.</P><P>TOTAL DC COUNT - 69</P><P>&nbsp;</P><P>THANKs</P> Mon, 14 Sep 2020 08:10:04 GMT https://community.splunk.com/t5/Monitoring-Splunk/LDAP-Request-Monitoring/m-p/519361#M4453 Error401 2020-09-14T08:10:04Z