Category: Splunk

BitLocker Volume Details in Splunk

Monitoring BitLocker Volume Details I was recently asked if BitLocker encryption details can be reported on in Splunk. The answer is yes, if you send the right data to Splunk. There is a Windows Event Log (Microsoft-Windows-BitLocker/BitLocker Management) that will log when someone encrypts or decrypts a volume.  This information is good to know, but… Continue reading BitLocker Volume Details in Splunk

Embedded Splunk Report

This is an example of a chart from a Splunk report that has been embedded in an external webpage.

Published
Categorized as Splunk

Using Splunk to Identify Account Logon Failures and Lockouts in Active Directory

Working as both an AD Domain Admin and Splunk Admin, I am working on an Active Directory app for Splunk to present useful statistics as well as provide search forms and reports to be used by AD and Help Desk support staff. This is the first in a series of blog posts I will make on the development… Continue reading Using Splunk to Identify Account Logon Failures and Lockouts in Active Directory

Published
Categorized as AD, Splunk