We want to be able to use Splunk as an auditing tool for our groups local and to Active Directory groups. If changes to the groups occur, we want to be able to see that in a Splunk dashboard.
Hi, I have a lot of event data, where every instance can be identified by a unique ID. Every instance contains several activities. Some activities occur not only once. For some this is okay, but for...
...membership changes.
The query for the alert has the group names to be monitored hard coded. This most definitely does not scale.
What we would ideally like is to monitor any membership changes...
Hi, I require a little help here as I have spent a lot of time researching for a solution without any luck. I have vehicle idling data where the data is like below, MACHINE ...
...ays"=70.01-80 "81-90 Days"=80.01-90 "91-100 Days"=90.01-100 ">100 Days"=100.01-1000 |chart count as count1 over work_queue by range |rename work_queue as "Owner Group" |table "Owner Group" "11-2...
Hi everyone,
I'm a total Splunk noob. The title basically says it all. I recently changed the group from enterprise to forwarder. Now I cannot access the GUI. Is there a way I can change it back f...
Hello all,
I could use some help here with creating a search. Ultimately I would like to know if a user is added to a specific set of security groups what security groups if any were r...
I'm attempting to generate a table which shows the time between two consecutive login events for a user when the IP address of their system changes. I'd like to be able to sort the table by s...
Hi Team, we have DB alerts for server sitpdb0033 that are being assigned to the Windows support team first; they need to be assigned to the SQL team. How to change the assignment group from windows support team to S...