Installation

What are the app and add-on for monitoring Active Directory?

hichem_khalfi
Path Finder

Hello everyone

Please, I am a student and this is the first time I am using Splunk

I installed Splunk Enterprise on my Windows 10

I need to monitor my Active Directory (server), but I can't find the app and add-on I'm looking for

I tried a few add-ons and I can receive data from the server to search on the web,

but I need a dashboard like the Splunk App for Windows Infrastructure (end of life) or the MS Windows AD app (I have a problem with it)

Please, who can help me?? I need to finish my project as soon as possible

0 Karma

tshah-splunk
Splunk Employee

It seems that you have configured the server to forward the data to Splunk. 

Installation guide for ITE Work - https://docs.splunk.com/Documentation/ITEWork/4.12.0/Install/Install

After installation of ITE Work, you can proceed with the installation of Content Packs (#5391) as mentioned here - https://docs.splunk.com/Documentation/ContentPackApp/1.5.0/Overview/Install

For visualizations of AD servers and objects, Content Pack for Windows Dashboards and Reports will be helpful.

Configuration steps for Windows Content Pack can be found here - https://docs.splunk.com/Documentation/CPWindowsDash/1.0.0/CP/Install

You will also need to create a few indexes and install supporting add-ons like SA-ldapsearch (#1151) and Splunk add-on for Windows (#742) for AD monitoring and data collection. The details have been provided in the above-mentioned docs.

---
If you find the answer helpful, an upvote/karma is appreciated

tshah-splunk
Splunk Employee

Hi @hichem_khalfi,

You can try installing ITE Work (https://splunkbase.splunk.com/app/5403) and use Content Packs (#5391) to use the content pack for Windows infrastructure to get access to dashboards like the Splunk App for Windows Infrastructure.

---
If you find the answer helpful, an upvote/karma is appreciated

hichem_khalfi
Path Finder

Hi @tshah-splunk

As I told you, I'm a student, I'm not a professional, so explain to me step by step please.

What I know is that I need an app (view data) and an add-on (collect information and organize it... etc.)

In our case: what you offered me is an application; should I also have an add-on or not? Is the installation of this application sufficient without creating an index and sourcetype??

I'm sorry but I'm a bit of a beginner

0 Karma

hichem_khalfi
Path Finder

Thank you

0 Karma