Splunk App for Windows Infrastructure: We've allow...

arber · ‎08-20-2015

Hi,

We are implementing the Splunk App for Windows Infrastructure, and we wanted to have the powershell scripts running. We have set up the servers to allow the running of the powershell scripts, but unfortunately, we still do not see the data coming. We have deployed the TA-DomainController-2012R2 app as they are Windows 2012 R2 servers, but still no logs are coming. In our environment, we also have some 2008 servers that we can collect the logs coming from the powershell. Any idea what's to be done on 2012 R2 servers ?

Thanks

tskinnerivsec · ‎08-20-2015

Have you tried running the powershell scripts manually on the Windows server in question to verify an error is not occuring, and if output is being created correctly? (ie, all required powershell commandlets installed, etc.)

Splunk App for Windows Infrastructure: We've allowed the Powershell scripts to run on our Windows 2012 R2 servers, but why is no data coming in?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Announcing Modern Navigation: A New Era of Splunk User Experience

Observability Simplified: Combining User Experience, Application Performance & ...

Event Series May & June: From Network Visibility to Service Intelligence

Join the Conversation