I have Splunk 8.0.5 on Windows. One thing I would like to setup is "STEALTHbits Active Directory & LDAP Monitoring" app. But STEALTHbits app dashboard and other reports just doesn't show any data.
I install the app. Then I setup Active Directory Data Input with settings that correspond to STEALTHbits app. Data is saved to index "sb_ad".
Using search I see a lot of events in Splunk from Active Directory, located in "sb_ad". But out of the box dashboard is empty.
Does anybody know if this is the right approach? Anybody knows how to setup STEALTHbits Active Directory app?
... View more