Hi All,
When trying to pull AdminAudit logs from Exchange to Splunk we are only receiving the following log (Which is divided to 2 logs):
First log:
WARNING: An unexpected error has occurred and a Watson dump is being generated: Object reference not set to an instance
Second log:
of an object.
Can please someone explain how to resolve this issue and get proper admin audit logs from exchange?
Did you setup the splunk service in windows to run as a domain service account on the exchange server?
If yes, then assign that domain user account the relevant role within exchange server.
Hi,
Can you assist good sir?
Thanks!
Hi,
Thank you for answering.
Which role is needed on the Exchange server?
Thanks!