All,
Looking at some windows logs and came across the following commands ran on two separate computers. The "--no-log" concerns me and I can't seem to find if there is a place where logs would generate when this command is ran.
Has anyone seen or know why I would be seeing this? I am the only admin for these hosts so at first glance this looks like a bad actor.
Hi did you ever determine what the root of this was? I'm seeing the same thing in my environment and would like to understand what's going on.
Can you try running btool with —no-log option and check if that’s displaying some output?
Can you post the full windows logs ? so to figure out why do you see these ?
Hi @jordanking1992
Please check the usage of the btool command.
splunkhome/bin/splunk btool "conf file prefix" list --debug --app="appname"| grep "if you want to grep something from conf file"
and also use "> /var/tmp/123.txt" to write results into text file
here is the link to splunk doc
& splunk does writes logs about btool in splunkhome/var/log/splunk/bttol.log
Thanks
Thanks for the information but the question is "What am I seeing in those screenshots?". I cannot find the --no-log anywhere in the documentation.
-Jordan