...reating a inputs.conf blacklist for internal IPv4s and common websites. I'm curious if we can further enrich this data by using powershellscripts to lookup these IPv4s according to that hosts DNS r...
...ound the application "splunk for windows infrastructure"
I have successfully configured add on Splunk_TA_microsoft_ad on the portal.
of course these 2 add ons exist in C:\Program Files\S...
I have the Windows Infrastructure app installed on a Windows machine. The monitor stanza and the powershellscripts are working fine, but the Winevent logs with the following config are not i...
I would like to know what data does the powershellscripts in the various microsoft windows add-ons collect?
What data will I not be able to collect, if i disable powershellscripts?
...ocated at /opt/splunk/etc/apps/Splunk_TA_windows/local/inputs.conf and edited with vim). I can also confirm that the index named "windowseventlog" exists, is enabled, and is named correctly.
Here was a...
...sad
#
# Subnet Affinity Log
#
[monitor://C:\Windows\debug\netlogon.log]
sourcetype=MSAD:NT6:Netlogon
disabled=false
index=msad
I got data from the execution of the scripts as i find these s...
Hi,
We are implementing the Splunk App for Windows Infrastructure, and we wanted to have the powershellscripts running. We have set up the servers to allow the running of the powershellscripts...