×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
JJ_Splunk
New Member
Member since: ‎02-22-2026
‎02-22-2026
Community Statistics
Posts 1
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎02-22-2026
Activity Feed
Topics I've Started
View All

Re: Splunk Universal Forwarder

by SplunkTrust in Getting Data In
‎02-22-2026 11:02 PM
1 Karma
‎02-22-2026 11:02 PM
1 Karma
Hi @JJ_Splunk , yes, the best approach to collect Domain Controller logs is to install a Universal Forwarder on the DC. Then you should install on the DC and on the Search Head the Splunk_TA-Windows add-on (https://splunkbase.splunk.com/app/742) Then you should configure it on the DC. Instead, if you want to exract AD structure and data, you should install on the HF the Splunk Supporting Add-On for Active Directory (https://splunkbase.splunk.com/app/1151) and connect it to the AD. Ciao. Giuseppe ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎02-22-2026 04:42 PM