Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
60 results
Sorted by:
11-15-2012
04:11 AM
Hey,
I have problem to determine the urls which lead a customer to a certain url "x". I have an apache-log in which I can determine what urls the customer visited thanks to JSESSIONID. What I don't...
06-16-2017
07:24 AM
I am attempting to track user activity from vdi login to the use of a shared account to log into an application. For example, user = Tim logs into his VDI session VDI-XXXX at 9am, then opens up a...
05-20-2020
01:14 PM
We want to be able to use Splunk as an auditing tool for our groups local and to Active Directory groups. If changes to the groups accur, we want to be able to see that in a Splunk dashboard.
Labels
- Labels:
-
using Enterprise Security
08-24-2019
10:22 PM
hello, I want to track all active session(RDP) in the network and see who login which server, what is the source IP address, and the sum of minutes of the active session
I use this code found in t...
03-15-2021
10:55 AM
Greetings all, I'm currently working on a A/B testing dashboard to see which landing page is having more engagement. One of my tasks is to know where are the users clicking once they arrive the land...
Labels
- Labels:
-
stats
4 weeks ago
...edup UserName, "File Path", Accesses | sort -_time With this setup I am able to track activities like delete, modify, READ_CONTROL and create. However, I am still not getting records when m...
Labels
- Labels:
-
configuration
11-21-2017
10:35 AM
...he proper audit setting is created. Anyone have the Event Codes that provide WMI activity logs?
We'd also like to know what events show other activity (like PtH, Golden Ticket, Silver Ticket)?
A...
- Tags:
- splunk-enterprise
- wmi
04-18-2018
03:44 PM
3 Karma
...am yet a different message
2, destroy, Remove this other thing
, , And I am yet a different message
I want to get:
activeids, id, action, message
1, 1, add, A...
03-19-2014
11:35 AM
I am struggling to find how to write this query to calculate active user's on our system. Currently we have a syslog that logs log in's and log outs. The syslog is on the same host (if that m...
- Tags:
- eval
09-12-2018
03:33 PM
1 Karma
Is there a lookup I can use to create a custom table of active investigations? I am trying to create a table that shows all active investigations, as users by default cannot see investigations if t...
