Welcome to SecKit SA IDM Windows’s documentation!¶
Success Enablement Content “SecKit” apps for Splunk are designed to accelerate the tedious or difficult tasks. This application IDM Windows is an add on for Splunk Enterprise Security designed to identify and enrich asset and identity information based on Microsoft Active Directory. Assets and Identities based on Active Directory can give critical insights into machine data
- Is this device properly domain joined?
- Who is responsible for this device?
- Does this user have a privileged account?
Before you get started¶
- Splunk System Requirements
- Upgrading from prior versions
- Collect Active Directory Data
- Quick Start Tutorial
- Using Windows Assets and Identities
- Customizing the add on
- Index Location Macros
- Windows Categories