All,
We have Windows and Linux BIND DNS servers logging into one index in Splunk. Because of the way Windows logs domain names in DNS requests, we are doing a search-time extraction. If I want to s...
...isabled."
Has anyone ever experienced this behavior on Splunk ITSI? Or does anyone have any knowledge of which source app/add-on contains this eventtype that is being referenced by ITSI?
Thanks!