Monitoring Splunk

LDAP Request Monitoring

Error401
Observer

Hello,

I'm a complete newbie to Splunk so correct me if I'm wrong somewhere.

I'm trying to monitor LDAP request, I have more than 21sites in our Domain.

I'm using the Splunk App for Windows Infrastructure and IT Operation.

Is there any way I can get 30days LDAP request from these applications or Splunk.

I'm taking out the logons weightage but it is taking almost forever to even get 5 days records - 

 

Dashboard_1Dashboard_1Dashboard_1Dashboard_1

Note - I don't have any admin privilege and no configuration can be allowed in the Splunk. Only READ-ONLY mode is available, I cannot run any query.

HELP ME SUGGEST SOMETHING SO THAT I CAN GET THE LDAP REQUESTS FROM THE DC.

TOTAL DC COUNT - 69

 

THANKs

0 Karma
Get Updates on the Splunk Community!

Splunk Observability Cloud’s AI Assistant in Action Series: Analyzing and ...

This is the second post in our Splunk Observability Cloud’s AI Assistant in Action series, in which we look at ...

Elevate Your Organization with Splunk’s Next Platform Evolution

 Thursday, July 10, 2025  |  11AM PDT / 2PM EDT Whether you're managing complex deployments or looking to ...

Splunk Answers Content Calendar, June Edition

Get ready for this week’s post dedicated to Splunk Dashboards! We're celebrating the power of community by ...