cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
kodyrubida
Engager
Member since: ‎02-22-2024
‎02-22-2024
Community Statistics
Posts 1
Solutions 0
Karma Given 1
Karma Received 0
Member Since ‎02-22-2024
Activity Feed
View All

How to filter search results from query

by in Splunk Search
‎02-22-2024 07:34 AM
‎02-22-2024 07:34 AM
Hi, I am looking to grab all windows events of successful NTLM logins without using Kerberos. Here is my query so far.     "eventcode=4776" "Error Code: 0x0" ntlm   I think this is working as of now, however it brings results including the value of Kerberos, I tried using the value, Not "Kerberos" , however it completely broke my search result.   I am looking to grab only the value of "Account Name:" and "Source Network Address:" then export it to a csv file every week.    Is this something I can do with Splunk? If so any help would be appreciated. Thanks. ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎02-22-2024 11:54 AM
Karma given to
View All