...f the URL extraction is working for you, can you please share what you have configured for that? Thank you!
4 sample events below---
rec_type=71 dns_resp_id=0 ips_count=0 ssl_cipher_suite=T...
Hi, I am trying to look up data related to EventCode="4662", but it does not show in Splunk. Additionally I checked inputs.conf on the indexer and it was not present, I copied inputs.conf from d...
Hello, I recently upgraded the "Splunk Add-on for Microsoft Office 365" on my Splunk Heavy Forwarder to version 3.0.0, running on Splunk 8.1.4. I configured the "Cloud App Security" integration a...
We are monitoring for specific Windows events on our Domain Controllers.
Inputs.conf looks like this:
[WinEventLog://Security]
disabled = 0
index = winevents
start_from = oldest
c...
...have installed the application "Splunk Add-on for Sysmon", and in another separate Splunk Enterprise Docker image I tried installing the "Microsoft Sysmon Add-on" application, In the i...
Hi all,
We have successfully registered and connected a new Azure Event Hub namespace via the 'Splunk Add-on for Microsoft Cloud Services' app which is on a dedicated Azure log collector machine, b...