Hey,
I have problem to determine the urls which lead a customer to a certain url "x". I have an apache-log in which I can determine what urls the customer visited thanks to JSESSIONID. What I don't...
I am attempting to track user activity from vdi login to the use of a shared account to log into an application. For example, user = Tim logs into his VDI session VDI-XXXX at 9am, then opens up a...
We want to be able to use Splunk as an auditing tool for our groups local and to Active Directory groups. If changes to the groups accur, we want to be able to see that in a Splunk dashboard.
hello, I want to track all active session(RDP) in the network and see who login which server, what is the source IP address, and the sum of minutes of the active session
I use this code found in t...
I have a query where I can see in a snapshot current active users per VPN profile (group). Having a hard time being able to plot number of active sessions on a timechart. The timecharts I make s...
...he proper audit setting is created. Anyone have the Event Codes that provide WMI activity logs?
We'd also like to know what events show other activity (like PtH, Golden Ticket, Silver Ticket)?
A...
...am yet a different message
2, destroy, Remove this other thing
, , And I am yet a different message
I want to get:
activeids, id, action, message
1, 1, add, A...
...ogout_time field in raw data. Now, the requirement is to track all activities done by the user starting from login_time and ending with login_time + 8 hours. 1) How do i add t...
I am struggling to find how to write this query to calculate active user's on our system. Currently we have a syslog that logs log in's and log outs. The syslog is on the same host (if that m...