All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Splunk app for windows ad object monitoring

catchvjay
New Member
‎02-09-2021 07:17 AM

Hi,

We are trying to setup splunk app for Windows ad object monitoring as per MS Windows AD Objects | Splunkbase. Here we already have Windows TA Infrastructure app configured and sending logs to separate indexes rather than default mentioned in the app.

Whenever I provide that index name in macro and run autocheck, it is not able to detect the data in that index. When I search that index in splunk search, I can see data coming into that index.

We have data configured in xml based log format instead of classic ones. We have following setup.

catchvjay_0-1612883767419.png

What could be the reason this app is not able to detect the data?

 

Labels (1)
Labels
0 Karma
Reply

ajacobi
Path Finder
‎02-11-2021 07:25 PM

I'm experiencing this also. Will post if i find anything to explain why 

0 Karma
Reply
Get Updates on the Splunk Community!

Get the T-shirt to Prove You Survived Splunk University Bootcamp

As if Splunk University, in Las Vegas, in-person, with three days of bootcamps and labs weren’t enough, now ...

Introducing the Splunk Community Dashboard Challenge!

Welcome to Splunk Community Dashboard Challenge! This is your chance to showcase your skills in creating ...

Wondering How to Build Resiliency in the Cloud?

IT leaders are choosing Splunk Cloud as an ideal cloud transformation platform to drive business resilience,  ...