cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
stayready40
Engager
Member since: ‎07-21-2021
‎01-01-2022
Community Statistics
Posts 2
Solutions 0
Karma Given 1
Karma Received 0
Member Since ‎07-21-2021
View All

Re: how do i search for failed login attempts and ...

by in Splunk Enterprise Security
‎07-26-2021 09:58 AM
‎07-26-2021 09:58 AM
Thank you I am indexing windows event logs. and I am seeing lockouts now but not for a specific user that had confirmed that his account was locked out. ... View more

how do i search for failed login attempts and lock...

by in Splunk Enterprise Security
‎07-26-2021 07:46 AM
‎07-26-2021 07:46 AM
hello all I am fairly new to using Splunk and would like some help with searching for locked accounts and to Setup an search that checks for failed password on daily basis. I want to check for ids which are constantly appearing on daily basis for x number of times. If the pattern continues then i may  know if a hacker is trying to break into a particular id using a slow password attack. I have been searching on event ID 4740 but returning no hits even though I have a user that has been locked out, why would this be happening? ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎01-01-2022 06:15 AM
Karma given to
View All