- I'm having some issues identifying the problems with my Splunk App for Exchange install. For example, under Client Behavior -> Client Activity, OWA and ActiveSync are green, while EWS and Outlook Anywhere have big yellow exclamation points next to them. If I click on EWS I see data, so I know it's at least working. Outlook Anywhere isn't really in use in this test environment, but it would still be nice to know why these errors appear.
This is spamming the event logs: Cmdlet failed. Cmdlet Search-MailboxAuditLog, parameters {Identity=domain.com/User, LogonTypes={Owner, Delegate, Admin}, ShowDetails=True, StartDate=3/29/2013 10:40:46 AM}.
Cmdlet failed. Cmdlet Search-AdminAuditLog, parameters {StartDate=3/25/2013 9:34:54 PM}.
The reputation portion is now working, but dnsbl.solid.net and singlebl.spamgrouper.com are timing out. Is there a way to edit the list of servers the reputation TA tries to hit?
Another issue is the Non-Owner Mailbox Access Report. I've enabled auditing on a test user per the instructions, however it isn't working (No results found). Anyone ran into this?
Distribution Lists Report is returning no information.
Any tips?
