Hello splunkers,
I am trying to achieve an export szenario to rapid7 in which all active directory data will be transfered to the other service. With the official guide from Splunk I can export the data, but the data is not formatted in JSON. Instead every line is send by it's own, which leads that every attribute happens to be an own entry which won't help, because I can't search an log that is split into different pieces.
Has anyone experience on the transfer process?