Welcome to the Splunk Supporting Add-on for Active Directory.

This add-on is used for the following purposes:

• To generate events based on the contents of an Active Directory
• To augment events with information from an Active Directory
• To perform Active Directory group expansions

This add-on must be configured before use. Click Configuration to supply the required settings.

The add-on has four commands. Once configured, all commands use the configuration. You can learn more about the commands in the Reference section:

• The ldapsearch command
• The ldapfilter command
• The ldapfetch command
• The ldapgroup command
• The ldaptestconnection command

Learn more about the Splunk Supporting Add-on for Active Directory here.