Splunk Cloud – Windows AD Management Quick Start Guide (Last Updated: 03/30/2018) Splk Customer Winfra

SplkCloud_Customer_Winfra_Quick_Start_Guide

User Manual:

Open the PDF directly: View PDF .
Page Count: 18

Scroll down to view the document on your mobile browser.

Splunk App for Windows Infrastructure and MS Windows AD Objects application Overview
Step 1: Splunk Cloud Environment Configuration
Step 2: Download Splunk Technical Add-Ons and Update Data Inputs
- Application Details and Download links
- Configure and Update the Data Inputs
Step 3: Splunk Universal Forwarder Installation on Target Windows Systems and AD DC’s
- Required Pre-Installation Step: Set PowerShell Execution Policy
- Installing the Splunk Universal Forwarder, Splunk Cloud App for Universal Forwarder and Splunk TA(s)
Step 4: Complete Setup of Splunk App for Windows Infrastructure and MS Windows AD Objects
- Splunk App for Windows Infrastructure: Start the Initial Setup Wizard
- MS Windows AD Objects: Build the initial AD Objects lookup files
Appendix A – Splunk Current Cloud Customers – Support Case Steps
Appendix B – Troubleshooting missing admon baseline or AD MSAD Health data
- Not seeing admon baseline, “Sync”, data
- Not seeing AD MSAD data - Verify and update PowerShell’s Execution Policy
Appendix C – Troubleshooting Splunk Communication Issues
Appendix D – Enable Auditing in the Active Directory Environment
- Enable Auditing on Windows Server 2008, Server 2008 R2, Server 2012, and Server 2012 R2
- Advance Auditing Settings:

Navigation menu