Splunkbase says SplunkAdd-onforMicrosoftActiveDirectory is complaint with CIM VERSIONS 4.0, 3.0 ( https://splunkbase.splunk.com/app/3207/ ), but I cannot find the documentation like other Splunk...
We have an issue with theMicrosoft Azure ActiveDirectory Reporting Add-onforSplunk where it's not retrieving all the signin events.
We currently have our interval set at 60 seconds. We can t...
One question about “Microsoft Office 365 App forSplunk”.
Can it use log data from “Microsoft Azure ActiveDirectoryAdd-onforSplunk” forthe Azure AD logs?
Or does it can only get logs d...
Logs from Microsoft Azure ActiveDirectory Reporting Add-onforSplunk are in Chinese. Tried encoding it by setting the CHARSET value to AUTO as well as GB18030 in props.conf file. But still the s...
Good Morning,
I'm trialing Splunk Cloud in anticipation of a purchase. I have installed Splunk Enterprise as the deployment server and universal forwarders on three servers. My clients are s...
Hi everyone. Is there any way to resolve GPO GUID or SID within Windows Security Logs? For instance, when we change any GPO in the domain it is logged under EventCode 5136. There is a CN name i...
My company is transitioning from an on-premise MFA setup within ADFS to the Azure MFA setup. What's the best approach to getting those MFA events into Splunk? Does theSplunkAddon forMicrosoft...
Help me out with this question...
Can AD be monitored by theSplunk enterprise which is running on linux..? I refered to thesplunk documentation of
https://docs.splunk.com/Documentation/Splunk...