Hi all, i need to do a query about the number of login failed and succeeded in a time period. I'm auditing linux and windows machines. Thanks
asked 03 Aug '10, 09:26
The Splunk for *NIX app that ships with the Linux versions has the queries "Successful User Logins" and "Failed Logins" built in (under the Users menu). Would that be sufficient? Just load Splunk, Enable the *NIX app and configure it.
answered 03 Aug '10, 09:35
Are you trying to gather this information from the Windows Event logs and the syslogs from the *nix machines?
answered 31 Aug '10, 11:55