Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
301 results
Sorted by:
06-10-2016
09:01 AM
1 Karma
Using Splunk 6.4.1
I am trying to monitor the WinEventLog://Security; however, I only need to monitor two EventCodes (4732 and 4624). Additionally, we are looking to remove all service accounts f...
08-07-2015
10:40 AM
We are installing Splunk on CentOS Linux in the next week or so. Our service accounts are going to be on an LDAP server. Will I be able to install and run the Splunk App for Enterprise Security w...
3 weeks ago
I need to identify each Active Directory Service Accounts that are being used for authentication for my work group. I am trying to create a working list of active and disabled accounts. I am u...
Labels
- Labels:
-
audit
09-28-2019
07:07 AM
I am running Splunk on top of GCE instances, and I'd like to use GCE service account for the pubsub subscription instead of providing a JSON file. Is that possible? What would be the effort to i...
06-27-2013
04:50 PM
...mbedded in the configs somewhere in addition to the windows service? I have an install that was done months ago using the local system account, and I'd like to change it to use a domain account. Assigning a...
- Tags:
- installation
- windows
12-21-2020
08:45 AM
Hi, We have a service account svc_account, that should log into certain servers (Server1, Server2, Server 3). How would we create an alert to notify if svc_account logs into a server other t...
Labels
- Labels:
-
alert action
-
alert condition
03-07-2018
08:52 AM
I'm searching on Windows Security Auditing logs and the Security_ID field but when I do, I'm realizing that there is a section for Subject and Target Account. I want to be able to extract each i...
09-09-2019
02:01 PM
Does anyone have examples of how to use Splunk to detect new interactive login from a service account?
07-05-2013
02:29 AM
Hello everybody,
due to strict security requirements, I am trying to setup the Splunk Universal Forwarder service to run with a domain account that has NOT administrative privileges on the server....
11-17-2021
10:12 AM
