
LDAP queries for Active Directory Info

Joel Yue
Joel Yue Posts: 4
edited November 2023 in Stream

Can Cribl Stream carry out LDAP queries to Microsoft AD and then save the AD information in a lookup table or something similar? I want to automate fetching AD information from AD servers and then feeding it to a SIEM like Splunk or Elastic.

Answers

  • Shawn Cannon
    Shawn Cannon Posts: 131 ✭✭

    This is something I am interested in as well.

  • Jon Rust
    Jon Rust Posts: 475 mod

    This is not something Cribl can do currently. The lookup would need to be managed outside of Cribl. CSV and Redis are the most common choices here.

  • Shawn Cannon
    Shawn Cannon Posts: 131 ✭✭

    I would love for it to work like the ldapsearch command in Splunk does. I believe it is a Python-based script that queries AD and pulls the data down. I would hope the data could write directly to a destination like Splunk or LogStream, but Redis might work.
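
An added example, not part of any post in this thread and not Cribl or Splunk code: one way to manage the CSV lookup outside Cribl, as the answers above suggest, is to turn the LDIF text produced by an external LDAP query against AD into a lookup file. The attribute selection, column names and sample entries are assumptions made for illustration.

```python
import base64
import csv
import io
UAC_ACCOUNTDISABLE = 0x2  # userAccountControl bit set on disabled accounts
BOB_DN = "CN=Bob Tést,OU=Staff,DC=corp,DC=example"  # non-ASCII, so LDIF base64-encodes it
# Constructed sample LDIF (not real directory data): folded line, multi-valued attribute, "::" value.
SAMPLE_LDIF = (
    "dn: CN=Alice Example,OU=Staff,DC=corp,DC=example\n"
    "sAMAccountName: AExample\n"
    "mail: alice@corp.example\n"
    "userAccountControl: 512\n"
    "memberOf: CN=VPN Users,OU=Groups,DC=corp,DC=example\n"
    "memberOf: CN=A Very Long Group Name That Wraps,OU=Groups,DC=corp,DC=exa\n"
    " mple\n\n"
    "dn:: " + base64.b64encode(BOB_DN.encode()).decode() + "\n"
    "sAMAccountName: btest\nuserAccountControl: 514\n"
)

def parse_ldif(text):
    # Unfold first: a line that starts with one space continues the previous line.
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    entries, current = [], {}
    for line in lines + [""]:  # the trailing "" flushes the last entry
        if not line.strip():
            if current:
                entries.append(current)
            current = {}
        elif not line.startswith("#"):
            attr, _, rest = line.partition(":")
            # "attr:: value" marks a base64-encoded value
            value = base64.b64decode(rest[1:]).decode("utf-8") if rest.startswith(":") else rest.strip()
            current.setdefault(attr, []).append(value)
    return entries

def to_lookup_csv(entries):
    # One row per account, keyed on the lower-cased sAMAccountName.
    out = io.StringIO()
    writer = csv.writer(out, lineterminator="\n")
    writer.writerow(["user", "mail", "disabled", "groups"])
    for e in entries:
        uac = int(e.get("userAccountControl", ["0"])[0])
        groups = sorted(dn.split(",")[0].partition("=")[2] for dn in e.get("memberOf", []))
        writer.writerow([e["sAMAccountName"][0].lower(), e.get("mail", [""])[0],
                         "true" if uac & UAC_ACCOUNTDISABLE else "false", ";".join(groups)])
    return out.getvalue()
```

Run on a schedule, the resulting CSV can be refreshed and loaded as the externally managed lookup; group names containing an escaped comma are not handled by the simple split used here.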