Splunk® Add-on for Microsoft Active Directory (Legacy)

Install and use the Splunk Add-on for Microsoft Active Directory

Acrobat logo Download manual as PDF


As of July 7, 2019, The Splunk Add-on for Active directory has reached its end of life. Splunk is no longer developing or maintaining this product.
This documentation does not apply to the most recent version of Splunk® Add-on for Microsoft Active Directory (Legacy). For documentation on the most recent version, go to the latest release.
Acrobat logo Download topic as PDF

The Splunk Add-on for Microsoft Active Directory version 1.0.0 is not supported when installed alongside the Splunk Add-on for Windows version 6.0.0. The Splunk Add-on for Windows version 6.0.0 includes the Splunk Add-on for Windows DNS and the Splunk Add-on for Microsoft Active Directory.

The Splunk Add-on for Microsoft Active Directory reached its End of Life (EoL) on February 18, 2019.

Release notes

The latest version of the Splunk Add-on for Microsoft Active Directory was released on'October 25, 2016.

Known issues

The Splunk Add-on for Microsoft Active Directory has the following known issues:

None at this time.

Fixed Issues

Publication Date Defect Number Description
2016-10-10 TAG-11961 Update to latest common build.

Sourcetype changes for WinEventLog data

The Splunk Add-on for Windows version 5.0.x introduces changes to WinEventLog data sourcetypes, and now assigns the WinEventLog sourcetype to the following WinEventLog inputs of the Splunk Add-on for Microsoft Active Directory:

Windows AD input Sourcetype
WinEventLog://DFS Replication WinEventLog
WinEventLog://Directory Service WinEventLog
WinEventLog://File Replication Service WinEventLog
WinEventLog://Key Management Service WinEventLog

WinEventLogs are distinguished by their source.

Last modified on 07 March, 2019
PREVIOUS
Source types for the Splunk Add-on for Microsoft Active Directory
  NEXT
Hardware and software requirements for the Splunk Add-on for Microsoft Active Directory

This documentation applies to the following versions of Splunk® Add-on for Microsoft Active Directory (Legacy): 1.0.0


Was this documentation topic helpful?


You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters