Syslog Format?

Question asked by TIFFANY IRELAND on Jan 22, 2019

Is there a difference in syslog data format when connected to AD for users vs when they are in the internal database?


If we were to have Splunk reports/alerts already configured, and move users over to LDAPS from the internal database, will the format of the data change and potentially break the reports/alerts? Or is the data sent the same no matter where a user is stored?