×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
mayfieldbk
New Member
Member since: ‎05-31-2013
‎06-05-2020
Community Statistics
Posts 1
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎05-31-2013
Topics I've Started
No posts to display.
View All

Re: Why are we receiving all Windows event log dat...

by in Getting Data In
‎01-20-2016 10:52 AM
‎01-20-2016 10:52 AM
Because we run Splunk on our DCs w/a service account to be able to collect other AD related data, we had to add permissions to allow access to the security logs (since we didn't make the service account a domain admin). Maybe this will help you: For us, we used a policy assigned to our domain controllers: Group Policy - Computer Policy> Windows Settings> Security Settings> Local Policies > User Rights Assignment: Setting: Manage auditing and security log ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM