In the environment I'm working in, Office 365 has been implemented, but there were security concerns with Azure ActiveDirectory, so it was never implemented. Does anyone know if it is possible to configure...
Hi,
I have installed the new SplunkAdd-onforMicrosoftActiveDirectory (hxxps://splunkbase.splunk.com/app/3207/) instead of using the TA-DomainController- as per the latest doco, on all d...
...ark "SAML" and click on "ConfigureSplunk to use SAML"
Click on "SAML Configuration". Opening a form where the first thing is upload the FederationMetadata.xml mentioned in a previous step....
I installed the app for windows infrastucture, then the app for *nix. Now, when i go in to the app for *nix, I get a message at the top saying eventtypes for wineventlog-ds and wineventlog-dns do n...
I would like to setup an identity lookup for Azure AD user accounts in Splunk ES. It looks like theMicrosoft Azure Add-on collects the user data using theMicrosoft Azure ActiveDirectory U...
Hi everyone. Is there any way to resolve GPO GUID or SID within Windows Security Logs? For instance, when we change any GPO in the domain it is logged under EventCode 5136. There is a CN name i...
...amed, "SplunkAdd-onforMicrosoft Windows ActiveDirectoryforSplunk Universal Forwarder" however the link takes me to setup instruction forthe Windows Infrastructure App. Since I'm still able to p...
My company is transitioning from an on-premise MFA setup within ADFS to the Azure MFA setup. What's the best approach to getting those MFA events into Splunk? Does theSplunkAddon forMicrosoft...
I installed version 3.0.1 of theMicrosoft Azure Add-onforSplunkonone of our Heavy Forwarders. I was able to configureand get all the inputs working except "Microsoft Azure ActiveDirectory S...
Hi, I am trying to configuretheMicrosoft Azure ActiveDirectory Reporting Add-onforSplunk within our environment but when I click onConfiguration > Add-on Settings in the app, the page is s...