NetIQ Sentinel: AD parser should parse "Service Name" from event "A Kerberos service ticket was requested

Hi,
I think AD parser need an enhancement. It should parser "Service Name" from event "A Kerberos service ticket was requested". Usually that field contains an account name, that can be used to track authentications. Now that is not parsed at all.

We have an customer use-case and this is needed urgently.

by: Timo S. | over a year ago | Integrations

Fixing this is planned. Bug ID reference in plug-in documentation is: 1045558

by: John Gassner | over a year ago
official response
This is now available at the following link: https://www.netiq.com/support/sentinel/plugins/preview.html
The exact download link is: https://www.netiq.com/support/sentinel/plugins/pre/collectors/Microsoft_Active-Directory-and-Windows_2011.1r8-201707050116-preview.clz.zip

by: John Gassner | over a year ago
official response

Micro Focus Enhancement Requests Portal is moving. We are migrating the IDEAS from this site to the New Idea Exchange on May 6th. For more information on the new Idea Exchange please visit the Community FAQs.

3

AD parser should parse "Service Name" from event "A Kerberos service ticket was requested

Comments