...loud and managed by Support.
Hence I have downloaded theadd-on "SplunkSupportingAdd-onforActiveDirectory" and installed in my Heavy Forwarder server and performed the configurations as m...
Hello,
I'm in the process of configuring theSplunk App for Windows Infrastructure on our Splunk Cloud. One component I'm having issues with is SA-LDAPSearch. I don't provide external LDAP a...
When I updated "SplunkSupportingAdd-onforActiveDirectory" to 2.1.6. I am getting below error messages in splunkd.log file for 10 out of 14 connectios.
Decrypted password from stanza=c...
I have seen how theSplunkSupportingAdd-onforActiveDirectory (SA-ldapsearch) can give me a list of all groups, and enumerate their membership, to include both nested and direct membership. I h...
I am currently trying to use Splunk to parse data from our ActiveDirectory. I have currently loaded the Apps:
SplunkAdd-onfor Microsoft ActiveDirectory 2.1.4
SplunkSupportingAdd-OnforActive...
We recently upgraded Splunk to 6.3.3 and it seems to have caused theSplunkSupportingAdd-onforActiveDirectory to stop working. I am not exactly sure when the problem started, it was working b...
...ind in DN-Format.
But with two domains we are not using Simple-Auth via TLS Port 636 but rather GSS-API without TLS on Port 389 (GSS will add an secure layer).
It seems theaddon does not support t...
Hi I try to list the different way to collect ActiveDirectory in Splunk Except if I am mistaken there is 2 main way to do that : Using theSplunkSupportingAdd-onforActiveDirectory: &n...
...users "Sid" instead of their username. I do however have SplunkSupportingAdd-OnforActiveDirectory, and have it configured. I have a report that pulls a CSV (users.csv) that gives me everyones s...
Hi everyone. Is there any way to resolve GPO GUID or SID within Windows Security Logs? For instance, when we change any GPO in the domain it is logged under EventCode 5136. There is a CN name i...