All Apps and Add-ons
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

ADAudit plus integration with Splunk Enterprise

sir_swade
New Member
‎05-28-2024 01:04 PM

Has anyone be able to get adaudit plus to integrate with Splunk Enterprise?  I followed these instructions but have not gotten any data to show on the indexer.

SIEM integration | Admin settings | ADAudit Plus (manageengine.com)

Also contacted ManageEngine support which has not be able to figure out the issue.  I searched the forum and found this old thread but no one had a response.

How to get audit plus manager logs into splunk ent... - Splunk Community

Any help is appreciated, thanks.

Labels (1)
Labels
Tags (1)
0 Karma
Reply

maheshnc
Path Finder
‎03-05-2026 02:03 AM

Hi,

Have you got resolution?

0 Karma
Reply

PickleRick
SplunkTrust
SplunkTrust
‎03-05-2026 02:17 PM

I don't think the ADAudit solution is a very popular one so it might be difficult to find someone with much experience with it let alone knowing your particular problem.

Having said that - the linked page describes pushing events to Splunk's HEC input - that's a fairly standard way of getting the data into Splunk so the troubleshooting would be as with any other HEC source - check if the source even tries to connect to your Splunk receiving component (indexer or HF, wherever you configured the HEC input). Check if it succeeds. Verify if TLS negotiates properly (if enabled).

These are all things you can get from a simple tcpdump/wireshark run.

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas     Cisco Live 2026 is almost here, and this ...

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Hello Splunkers,   So you searched, “what is the name of the usb key inserted by bob smith?”  Not gonna lie… ...

Automating Threat Operations and Threat Hunting with Recorded Future

    Automating Threat Operations and Threat Hunting with Recorded Future June 29, 2026 | Register   Is your ...