Windows Infrastructure app - Active Directory Erro...

PanIrosha · ‎11-08-2018

Hi Experts

I have installed and configured Splunk app for windows infrastructure in our search head as per the instruction on the Splunk Docs.

I can see all events in indexes (wineventlog, windows, msad, perfmon) etc. but i can't see any Active directory related information in the app. when i run "Customise Feature" option i can see below results;

Active Directory: Domains not found.
Detecting Domain Controllers ...
Active Directory: Domains not found.
Detecting Domain Controllers ...
Active Directory: Domain Controllers not found.
Detecting DNS ...
Active Directory: Domains not found.

any idea what might be the reason ?

Many Thanks.

Ibbers · ‎11-24-2020

How did you go setting up the Windows infrastructure app? Did you eventually succeed running the guided setup?

molinarf · ‎05-02-2019

I don't know if your question has been answered, but I think it would help if we know what versions of Splunk App for Windows Infrastructure are you running and which Splunk Add-On for windows?

Windows Infrastructure app - Active Directory Error

Tech Talk Recap | Mastering Threat Hunting

Observability for AI Applications: Troubleshooting Latency

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

Are you a member of the Splunk Community?

Windows Infrastructure app - Active Directory Error

Tech Talk Recap | Mastering Threat Hunting

Observability for AI Applications: Troubleshooting Latency

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?