Splunk® App for VMware (Legacy)

User Guide

On August 31, 2022, the Splunk App for VMware will reach its end of life. After this date, Splunk will no longer maintain or develop this product. The functionality in this app is migrating to a content pack in Data Integrations. Learn about the Content Pack for VMware Dashboards and Reports.
This documentation does not apply to the most recent version of Splunk® App for VMware (Legacy). For documentation on the most recent version, go to the latest release.

Security Overview

Use this dashboard to investigate into security relevant events and to check for potential security breaches. Get visibility into user activity using access controls and look at the history of user related tasks and events.

Using this dashboard you can look at the following security information about your environment:

  • Added, removed, or changed roles for users.
  • Repeated login attempts.
  • Attempted actions outside permissions.
  • Potentially harmful logins.

The source type vmware:events must be present for this dashboard to populate.

Last modified on 22 October, 2021
Task and Event Details   Useful Saved Searches

This documentation applies to the following versions of Splunk® App for VMware (Legacy): 3.4.1, 3.4.2, 3.4.3, 3.4.4, 3.4.5, 3.4.7, 4.0.0, 4.0.1, 4.0.3


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters