Hello,
I am working on dashboard for our Linux admins. They require being able to view all events from /var/log/sudo.log, /var/log/secure and /var/log/audit/audit.log for a single user on a s...
Hi team,
Please help me to figure out the issue.
I would like to create a dashboard using my Audit logs to capture my break time.
I'm trying to use time difference between Successful Logoff a...
I've been asked to update 'Imperva Database Audit Analysis' and I'm running into issues trying to update the AuditDashboard. The sanitized data looks like this Nov 10 23:20:52 s...
...odes for the aforementioned events, grouped by Account Lockout events. I'd like for other users to log onto this dashboard, and by simply typing in the "Account_Name" (as it appears in the log) return a...
...umber of events i can see with the tstats command is much lower than the number in the _internal metrics.log .
Can anyone please help me understand the reason for this ?
Thanks !
Hi all, Why the count of "Event per day" in the "Indexing audit" dashboard is not match with |tstats result? Eg. The number from "Event per day" in the "Indexing audit" dashboard...
what are the benefits of using each one of the approaches (Universal Forwarder(UF) on the VMs over using the Splunk Add-on for Microsoft Cloud Services)?
Which one of them is easier to install/conf...
...alling REST endpoint" on our search head servers. Also ITSI Analytics Monitoring dashboard shows "The number of Rules Engine Processes as zero". We checked the cluster status and there is no issue w...