Chris: Really good to hear Splunk is pretty accessible. I won't be the primary admin, that's our security team' job, so when you say for a searcher 95% of the web interface is accessible, can you elaborate, what works and what should be avoided? Thanks. Ryan -----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Chris Nestrud Sent: Friday, April 22, 2016 11:30 AM To: Blind sysadmins list Subject: Re: [Blind-sysadmins] Active Directory auditing Splunk should be able to provide the data in whatever format you desire, including exporting to csv if Excel is your thing. If you'll be searching, the web interface is I'd say 95% accessible. There is also a command-line interface and REST API. If you'll be administering, everything is ini-style configuration files at the core, so things are good from that standpoint. Interfaces are similar; web for many things, command-line for some, API, or config file editing. I'm in the midst of working with a small team to implement Splunk in a distributed environment. Let me know if you have any questions. Chris On Fri, Apr 22, 2016 at 02:46:42PM +0000, Ryan Shugart wrote:

Currently, we're using a tool from Dell, formerly Quest Software, called Change Auditor that captures this info quite well. We have an older version with some accessibility issues, but those are supposed to be better. We're moving off Change Auditor to a new tool called Splunk that I'm told is the bees knees in terms of log analisys and auditing. I haven't seen it yet though. Ryan

-----Original Message----- From: Blind-sysadmins [mailto:blind-sysadmins-bounces@lists.hodgsonfamily.org] On Behalf Of Troy Hergert Sent: Thursday, April 21, 2016 10:55 AM To: Blind system administrators Subject: [Blind-sysadmins] Active Directory auditing

Does anyone know of a tool, native to Server 2012 or third party that would allow me to generate a basic logon/logoff report by user? My organization isn't really having any issue since we are very flexable with people using VPN connections and working from home. HIPAA compliance requires that we at least be able to pull a report when necessary. Any recommended tools out there? Thanks. _______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins

_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins