Hi everyone,
Has anyone successfully captured audit events from the Novell Audit agent for eDirectory or IDM products? I am new to SPLUNK and wonder if this is possible. I have had a look at your free edition, and have setup a TCP listener on the correct port (1289) which forwards onto an index specifically for this event source type. I have configured the audit events from the eDirectory side and generated some sample events, yet nothing appears in SPLUNK under that index.
Is there some other steps to follow. Apologies in advance if I have missed something obvious as I am completely new to SPLUNK.
Thanks
... View more