We need to allow a non admin user to be able to create, modify and delete maintenance windows from ITSI. We have try to add this capabilities to the user_role:
- read_maintenance_calendar
- w...
Hi!
My goal is to be able to tie together events from Linux events and Windows events in order to track Windows users logging in as root or admin users on Linux machines. Both indexes share a c...
...t doesnt work. On the last step of installation it reverts and fails. When installing with admin permissions - installation completes. But I need to run this service without any admin permissions, b...
Hello,
Is there a way to have Splunk notify admins when a user has removed a windows application or installed an application that they are not supposed to? I know you can search Windows event I...
This question deals with making a locally installed instance of Splunk available to end users who do not have admin privileges on their win7 PC.
I log onto to an end user’s PC as admin and i...
I've been setting up the Splunk forWindows Infrastructure app on my search head cluster. In the instructions it says to add the winfra-admin role to a user. In authorize.conf in $SPLUNK_HOME/etc/s...
Hi, how can I reset the admin password of Splunk Enterprise 6 trial version that was installed in a computer running Windows 7 operating system?
I installed the application and worked fine. L...
I have to build a Dashboard to see all Logged in Admins. So i search for Eventcode 4624 and 4634 and Logon Type 2 and 10. But to get these Events only for a specific User group, I have to do a s...
Hi ,
I'm trying to install Splunk app forWindows Infrastructure - when i got to the prerequisite section the test for Users and/or groups configured with winfra-admin user role came out with e...