This documentation does not apply to the most recent version of Splunk® Supporting Add-on for Active Directory.
For documentation on the most recent version, go to the latest release.
Upgrade the Splunk Supporting Add-on for Active Directory (SA-LDAPSearch)
Follow these steps to upgrade the Splunk Supporting Add-on for Active Directory (SA-LDAPSearch) from version 2.2.0 and higher:
- Download the latest version of the app from Splunkbase.
- Unpack the archive.
- Copy the Splunk Supporting Add-on for Active Directory folder to the
%SPLUNK_HOME%\etc\appsfolder on the search head(s) in your deployment. If prompted, overwrite the existing folder. The Splunk Supporting Add-on for Active Directory must be installed on all search heads and indexers in the deployment. - Remove all the inline comments from the
SA-ldapsearch\local\logging.conffile if present. These are examples of file stanzas that contain invalid inline comments:[logger_root] level = NOTSET ; Default: WARNING handlers = LdapSearchLog ; Default: stderr [logger_LdapSearchCommand] qualname = LdapSearchCommand level = NOTSET ; Default: WARNING handlers = LdapSearchLog ; Default: stderr propagate = 0 ; Default: 1
Here's an example of the file stanza after removing the inline comments:
[logger_root] level = NOTSET handlers = LdapSearchLog [logger_LdapSearchCommand] qualname = LdapSearchCommand level = NOTSET handlers = LdapSearchLog propagate = 0
- Restart Splunk Enterprise on the search head(s).
- Restart the deployment server.
- Log into Splunk Enterprise.
- Choose Splunk Supporting Add-on for Active Directory from the list of apps.
Last modified on 09 November, 2020
| Configure the Splunk Supporting Add-on for Active Directory | The ldapsearch command |
This documentation applies to the following versions of Splunk® Supporting Add-on for Active Directory: 2.2.1, 3.0.0, 3.0.1, 3.0.2, 3.0.3
Download manual
Feedback submitted, thanks!