Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to check if an account or username is locked through Splunk? This is not related to window login or Unix Login...

bsaujla131984
Path Finder
‎08-24-2018 06:00 PM

We have been issues when application stops responding , when a particular account gets locked.

I would like to create an alert to overcome this issue.

Tags (1)
0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎08-25-2018 03:22 PM

Is the application logging account lockouts to Splunk? If so, you can create an alert when a lockout event is detected. If the application does not log to Splunk then Splunk has no way to know the account has been locked out and cannot alert you.

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply
Get Updates on the Splunk Community!

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer at Splunk .conf24 ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...

Share Your Ideas & Meet the Lantern team at .Conf! Plus All of This Month’s New ...

Splunk Lantern is Splunk’s customer success center that provides advice from Splunk experts on valuable data ...

Combine Multiline Logs into a Single Event with SOCK: a Step-by-Step Guide for ...

Combine multiline logs into a single event with SOCK - a step-by-step guide for newbies Olga Malita The ...