This app provides knowledge objects for working with Windows PowerShell transcript logs.
|Author||Tom Kopchak, Hurricane Labs|
|Vendor Products||Windows PowerShell|
|Has index-time operations||true - line breaking|
|Create an index||false|
This add-on should be installed on both search heads and indexers.
On Universal Forwarders monitoring PowerShell transcript log files, the following configuration is recommended.
    # Monitor PowerShell transcript logs
    [monitor://C:\pstrans\*\*.txt]
    sourcetype = powershell:transcript
    index = powershell
    disabled = 0
    multiline_event_extra_waittime = true
    time_before_close = 300
Additional information on the configuration of this app is available here: www.hurricanelabs.com/splunk-tutorials/splunk-tutorial-powershell-transcription-logging
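The monitor stanza only picks up files that PowerShell has already written, so transcription must be enabled on the endpoint itself. The script below is an added example, not part of the app or its documentation; it assumes `C:\pstrans` (taken from the monitor path) is the transcript output directory and sets the Windows policy registry values for PowerShell transcription.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the app: enable PowerShell transcription by policy so
# transcripts land under the directory the monitor stanza watches.
# Assumption: C:\pstrans (from the monitor path) is the transcript root.
$OutputDir = 'C:\pstrans'
$PolicyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\Transcription'

# Create the transcript root if it does not exist yet.
if (-not (Test-Path -LiteralPath $OutputDir)) {
    New-Item -ItemType Directory -Path $OutputDir | Out-Null
}

# Create the policy key (and any missing parent keys), then set the values.
if (-not (Test-Path -Path $PolicyKey)) {
    New-Item -Path $PolicyKey -Force | Out-Null
}
Set-ItemProperty -Path $PolicyKey -Name EnableTranscripting -Value 1 -Type DWord
# The invocation header adds a timestamp to each command in the transcript.
Set-ItemProperty -Path $PolicyKey -Name EnableInvocationHeader -Value 1 -Type DWord
Set-ItemProperty -Path $PolicyKey -Name OutputDirectory -Value $OutputDir -Type String

# Read the policy back and fail loudly if it does not match what was set.
$policy = Get-ItemProperty -Path $PolicyKey
if ($policy.EnableTranscripting -ne 1 -or $policy.OutputDirectory -ne $OutputDir) {
    throw "Transcription policy not applied as expected under $PolicyKey"
}

# Policy-based transcription writes into one dated subfolder per day, which is
# why the monitor path has two wildcard levels. List the newest files that the
# C:\pstrans\*\*.txt pattern would match to confirm transcripts are arriving.
Get-ChildItem -Path (Join-Path $OutputDir '*\*.txt') -ErrorAction SilentlyContinue |
    Sort-Object LastWriteTime -Descending |
    Select-Object -First 5 FullName, Length, LastWriteTime
```

Transcripts are written only by PowerShell sessions started after the policy is in place, so open a new session before checking the file listing.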