cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
dwithers
Explorer
Member since: ‎06-17-2013
‎06-05-2020
Community Statistics
Posts 10
Solutions 0
Karma Given 1
Karma Received 6
Member Since ‎06-17-2013
Activity Feed
View All

Re: Convert AD LDAP Timestamp to Epoch or other re...

by in Getting Data In
‎04-16-2014 06:42 AM
‎04-16-2014 06:42 AM
eval myTime=AD_time/10000000 - 11644473600 got it. Thanks for your help! ... View more

Re: Convert AD LDAP Timestamp to Epoch or other re...

by in Getting Data In
‎04-16-2014 06:37 AM
‎04-16-2014 06:37 AM
he current LDAP time = (time()+11644473600)*10000000; You can replace time() with any UNIX timestamp or strtotime("15 November 2012") is the math if ound around it ... View more

Re: Convert AD LDAP Timestamp to Epoch or other re...

by in Getting Data In
‎04-16-2014 06:23 AM
‎04-16-2014 06:23 AM
Actually, i just found it's 64bit in of the number of 100 nanoseconds since 1/1/1601 ... View more

Re: Splunk App for Windows Infrastructure AD issue

by in All Apps and Add-ons
‎04-16-2014 05:26 AM
‎04-16-2014 05:26 AM
have you verified your ldapsearch is working properly? Specifically the SA-ldapsearch addon required? ... View more

Re: Splunk App for Windows Infrastructure - Visual...

by in All Apps and Add-ons
‎04-16-2014 05:24 AM
‎04-16-2014 05:24 AM
What version of splunk are you running on? I havent noticed any of my screens/dashboards in the app to be off. Which specific dashboards are you referring to and I will take a closer look? ... View more

Convert AD LDAP Timestamp to Epoch or other readab...

by in Getting Data In
‎04-16-2014 05:17 AM
‎04-16-2014 05:17 AM
Using ldapsearch queries in the splunk for windows ifnrastructure app, I am trying to convert the following fields timestamp which is the integer8 windows NT timestamp to epoch or other readable time after my query runs. The timestamp is the number of 100-nanoseconds intervals (1 nanosecond = one billionth of a second) since Jan 1, 1601 UTC Anyone have any experience with this? Would be much appreciated! field = msDS-LastSuccessfulInteractiveLogonTime timestamp returned = 129878945338632316 ... View more

Administrator Audit function returning no results ...

by in All Apps and Add-ons
‎04-02-2014 01:05 PM
3 Karma
‎04-02-2014 01:05 PM
3 Karma
I have the Splunk App for windows infrastructure up and running. the support SA-ldapsearch is installed along with java and functioning fine as well. I am receiving results on virtually every dashboard included with the app. The only dashboard I am having issues with is the Administrator Audit. I keep receiving a 'Search query is not resolved." msg in every view on that dashboard. Under Account Domain/Administrator there is a Search Produced no results message and its looking for the default 'Last 15 minutes'. If I change the 15 minutes to 24 hours, or 1 minuted or some other 'real-time' search, the Account Domain: will start 'Populating' and finally find the Domain, but the Administrator is being hardset to some random user/computer account and will not let me search/choose from an actual Administrator. I do not see any specific errors in splunkd.log or my SA-ldapsearch log relating to this. Any ideas? ... View more

Splunk App for Windows Infrastructure documentatio...

by in All Apps and Add-ons
‎03-31-2014 06:44 AM
‎03-31-2014 06:44 AM
Hoping to get the documentation on the installation/configuration/use of the Splunk App for Windows Infrastructure. Every link from the app page is just taking me to the main documentation page. Any direction on this would be appreciated. ... View more

How to install AWS Splunk App on clustered environ...

by in Deployment Architecture
‎02-24-2014 01:40 PM
2 Karma
‎02-24-2014 01:40 PM
2 Karma
Curious on the instructions to Deploy the AWS Splunk App in a clustered environment? We have 1 Master, 1 Searchhead, 2 Indexers, 2 forwarders. I dont think i missed it, but I did not see best practice on deploying this way. THanks. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM
Karma from
View All
Karma given to
View All