Splunk® Add-on for Microsoft Active Directory (Legacy)

Install and use the Splunk Add-on for Microsoft Active Directory

As of July 7, 2019, The Splunk Add-on for Active directory has reached its end of life. Splunk is no longer developing or maintaining this product.

About the Splunk Add-on for Microsoft Active Directory

Version 1.0.1 (TA-Microsoft-AD)
Vendor Products Microsoft Active Directory
Visible No. This add-on does not contain any views.

The Splunk Add-on for Microsoft Active Directory (AD) lets you collect Active Directory and Domain Name Server debug logs from Windows hosts that act as domain controllers for a supported version of Windows Server.

The Splunk Add-on for Microsoft Active Directory requires that you configure Active Directory audit policy. This is because AD does not log certain events by default. After the Splunk platform indexes the events, you can analyze the data.

This add-on provides the inputs and CIM-compatible knowledge to use with other Splunk apps, such as the Splunk Apps for Microsoft Exchange and Windows Infrastructure.

Download the Splunk Add-on for Microsoft Active Directory from Splunkbase at http://splunkbase.splunk.com/app/3207.

Discuss the Splunk Add-on for Microsoft Active Directory on Splunk Answers at http://answers.splunk.com/answers/app/3207.

Last modified on 20 December, 2017
  Source types for the Splunk Add-on for Microsoft Active Directory

This documentation applies to the following versions of Splunk® Add-on for Microsoft Active Directory (Legacy): 1.0.1


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters