Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
569 results
Sorted by:
12-11-2018
01:34 PM
My company is beginning to use Power BI and we would like to get the audit logs from it into Splunk. I saw in the documentation that this gets audit logs from Exchange Online, SharePoint online and a...
07-08-2019
05:35 AM
1 Karma
The post question did include the answer, but then it could not be marked as an answer, therefore I pushed the content into a second post that could be marked as an answer.
07-10-2020
12:19 PM
Hello
I have a problem with some .sqlaudit files
These files are being stored in the following path Z: \ audit \
Install a forwarder but Splunk doesn't seem to recognize these files.
Use the Splunk...
- Tags:
- splunk SQL sqlaudit
Labels
- Labels:
-
using Splunk Enterprise
04-29-2010
06:02 PM
3 Karma
Hello,
Is there a way I can configure the lea-loggrabber-splunk to collect Checkpoint's audit log(audit.log), instead of the default collection on traffic log(fw1.log)?
I am using the lea-log...
11-20-2019
09:04 AM
Does anyone have examples of how to use Splunk to detect Windows audit log tampering?
07-02-2020
02:06 AM
Hi All, As indicated here (https://community.splunk.com/t5/Getting-Data-In/Why-am-I-unable-to-monitor-SPLUNK-HOME-var-log-splunk-audit-log/m-p/506185#M86203), I have been able to get the audit.log f...
Labels
05-15-2013
01:53 PM
We are trying to pull back audit files back into Splunk. We are running into a couple of issues:
1.) Parsing the log file for the datetime/transaction/etc is unbelievable hard to decipher. Has a...
- Tags:
- parsing
04-04-2017
12:48 PM
I'm wondering what is the best way to collect events from the Oracle Unified Auditing db. It know without OUA it was easy to install the Splunk UF on the server then collect the .aud logs. Is the s...
07-23-2019
12:36 AM
I want the below audit information from Phantom server ingested into Splunk ES and how to retrieve it? 1) Login Success
Failure
I can see only login and logout information in : /var/log/p...
- Tags:
- phantom
Labels
- Labels:
-
configuration
-
other
11-17-2020
02:39 PM
...n the data input I configured the following: vi /opt/splunk/etc/apps/search/local/inputs.conf [monitor:///var/log/audit/audit.log] disabled = false index = abcd sourcetype = linux_audit host = s...
- Tags:
- forward
Labels
- Labels:
-
Linux
-
universal forwarder
