Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Search
Splunk Community
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Search
Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
187 results
Sort by:
11-03-2024
05:41 AM
We have 500 domain workstations, and we have installed Splunk Universal Forwarders (UF) on the Active Directory server. The question is, how can we monitor the security logs of those workstations f...
Labels
- Labels:
-
LDAP
07-20-2023
01:09 AM
Hello, community, I wanted to ask a fundamental question regarding specific logs collection. The question is: Do we really pull logs from the AD by sticking an agent on that AD DC machine/s? I hav...
Labels
02-15-2023
06:26 AM
...:\documents\Confidential] disabled = false
The intent is for it to report access/modifications/deletions to files in that directory, but I am not getting any file monitoring activity r...
- Tags:
- file monitoring
Labels
- Labels:
-
inputs.conf
-
universal forwarder
-
Windows
06-06-2022
03:18 AM
Hi all,
I need some assistance please,
I am trying to create a report which shows all Active Directory activities carried out. Should contain columns as follows: Login, Account, Domain, Group, i...
06-16-2019
08:57 PM
Hi All,
Anyone successful able to pull the logs (Sign-in and Audit logs) of Active Directory via Azure Event Hub. If yes which method you follow.
Any other recommendation method. Thanks in advance
03-14-2016
10:58 AM
1 Karma
Hello,
I'm trying to capture Active Directory information from an AD server. I installed an universal forwarder in this server, and using deployment server I configured an input.conf as the m...
01-14-2010
11:34 PM
4 Karma
I have an Active Directory with several domain controllers. How can I monitor all activity in the Active Directory with Splunk?
04-02-2018
09:02 AM
We want to monitor Active Directory changes and security Events We are planning to deploy the Universal forwarder to each domain controller. I am confused by the documentation. What is needed/best p...
07-06-2018
09:21 AM
Hello All, We have a single instance Splunk enterprise (version 7.1) deployment on Linux which is doing everything . We would like to monitor our AD using SPLUNK. I am confused by reading http://d...
- Tags:
- splunk-enterprise
11-26-2012
04:25 AM
...ithout errors, but i lose the format of the sourcetype "ActiveDirectory".
Any suggestion?
Thanks
- Tags:
- activedirectory
