admingit
/
Deploiement_Server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update

Browse Source
master
admingit 2 years ago
parent ee55facdc3
commit 2b59d2c456
1 changed files with 28 additions and 0 deletions
Show Stats Download Patch File Download Diff File

28
deployment-apps/Splunk_TA_windows_dc/local/inputs.conf
Unescape View File

@ -39,6 +39,34 @@
# --------------------------------------------------------------------------------------- # ---------------------------------------------------------------------------------------
###### WinEventLog Inputs for Active Directory ###### ###### WinEventLog Inputs for Active Directory ######
###### OS Logs ######
[WinEventLog://Application]
disabled = 0
start_from = oldest
current_only = 0
checkpointInterval = 5
renderXml=true
index=wineventlog
[WinEventLog://Security]
disabled = 0
start_from = oldest
current_only = 0
evt_resolve_ad_obj = 1
checkpointInterval = 5
blacklist1 = EventCode="4662" Message="Object Type:(?!\s*groupPolicyContainer)"
blacklist2 = EventCode="566" Message="Object Type:(?!\s*groupPolicyContainer)"
renderXml=false
index=wineventlog
[WinEventLog://System]
disabled = 0
start_from = oldest
current_only = 0
checkpointInterval = 5
renderXml=true
index=wineventlog
## Application and Services Logs - DFS Replication ## Application and Services Logs - DFS Replication
[WinEventLog://DFS Replication] [WinEventLog://DFS Replication]

Write Preview
Loading…
Cancel
Save