×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
jaredthomason
Explorer
Member since: ‎06-07-2021
‎05-19-2022
Community Statistics
Posts 4
Solutions 0
Karma Given 3
Karma Received 0
Member Since ‎06-07-2021
Activity Feed
Topics I've Started
No posts to display.
View All

Re: Splunk Add-on for Microsoft IIS lookup issue o...

by in All Apps and Add-ons
‎02-04-2022 12:22 PM
‎02-04-2022 12:22 PM
Did you ever figure this out? ... View more

Re: Monitoring MS SQL logs from Windows Event view...

by in Splunk Enterprise Security
‎07-27-2021 07:19 AM
‎07-27-2021 07:19 AM
I had to change the first regular expression to the following. \<Data\>(?<zzz_sql_audit_data>[^*]*)\<\/Data\> ... View more

Re: Monitoring MS SQL logs from Windows Event view...

by in Splunk Enterprise Security
‎07-22-2021 01:08 PM
‎07-22-2021 01:08 PM
Also, Which .conf files are you editing? Is it in a specific app on the SQL server or an app on the indexer? ... View more

Re: Monitoring MS SQL logs from Windows Event view...

by in Splunk Enterprise Security
‎07-22-2021 11:36 AM
‎07-22-2021 11:36 AM
Does that regular expression work for you? \<Data\>(?<zzz_sql_audit_data>.+?)\<\/Data\>  I have not been able to get it to work.  ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎05-19-2022 12:56 PM
Karma given to