I've found a few Google hits that I thought were going to help with this.

I'm trying to perform a search for all "rows" that are returned by an outer search/query. I am by no means a Splunk expert, not even a power user!

The outer query performs an LDAP search against Active Directory and returns a list of people with a particular group membership (e.g.: all Domain Admins or Account Operators, etc.). I then want to perform a search for each of the returned user names against Windows Event Logs … and return the results as one data set. I've got the Windows Event Log search nailed.

If I were coding this in a script, I'd either:

i) Enumerate relevant group members into an array. Run the event log query for users that exist in the array, e.g.: using semantics such as isin() or contains() or

ii) Enumerate the group members and perform a foreach() type loop.

I've tried using the "search" command and "foreach" command, but have had no joy.
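
The "array plus isin()" approach described in the post maps onto a Splunk subsearch. The following is an added example, not part of the original post. It assumes the `ldapsearch` command from the Splunk Supporting Add-on for Active Directory is installed; the index, sourcetype, the `user` field name and the group DN are placeholders to adjust for your environment.

```spl
index=wineventlog sourcetype="WinEventLog:Security"
    [| ldapsearch domain=default
         search="(&(objectCategory=person)(objectClass=user)(memberOf=CN=Domain Admins,CN=Users,DC=example,DC=com))"
         attrs="sAMAccountName"
     | rename sAMAccountName AS user
     | fields user
     | format ]
| stats count BY user, EventCode
```

The subsearch in square brackets runs first, and `format` turns its rows into `(user="alice") OR (user="bob") ...`, so the outer event log search runs once and returns one data set. The per-row loop from option ii) corresponds to the `map` command, which runs one search per user and is slower, while subsearches are subject to result and runtime limits, so check that large groups are not silently truncated.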