I installed the Splunk App for Active Directory, rebooted as requested after install. If I try to open the app, though, it gives me a number of "unknown module" errors.
I am running this on the free version of Splunk 4.3 for Windows, in case that matters.
Be sure to check the Platform and hardware requirements topic in the documentation. It mentions Sideview; you will also need the Splunk Technology Add-on for Windows, version 4.5 or later.
You were both right! I didn't read the directions carefully enough...
I think I have it from here. Just a little more setup to do.
Be sure to check the Platform and hardware requirements topic in the documentation. It mentions Sideview; you will also need the Splunk Technology Add-on for Windows, version 4.5 or later.
You just need to install the Sideview Utils app. You need at least the 1.3 version on Splunkbase,
http://splunk-base.splunk.com/apps/36405/sideview-utils
although you can also evaluate the new, improved, but no longer free 2.0 version by going to the Sideview site directly http://sideviewapps.com/apps/sideview-utils/ and clicking "download trial".
It's possible for client apps to detect Sideview Utils in such a way that you don't hit that barrage of "unknown module" alerts. I'll try and follow up with the developer and show them how that can be more user friendly.