Hi Splunkers, I have a request by my customer. We have, like in many prod environments, Windows logs. We know that we can see events on Splunk Console, with Splunk Add-on for Microsoft W...
If a party decided to split all events into their own index's (IE. winevent_security to "security", winevernt_application to "application" etc), but then they had a thirdparty security group that n...