From the course: Splunk for Security Analytics and Monitoring
Monitoring Windows files - Splunk Tutorial
Monitoring Windows files
- [Instructor] Splunk can do so many things including the continuous monitoring of files and directories. We would do this because we want to detect any changes to those files or directories. Now, let's say that we've got a situation where we've got a website with a specific file or a set of files on it that we want to monitor. So if there are updates, we want to know about it by being able to search through our indexes in Splunk. Now, think about your environment. Do you have websites that you host that might have important files that you need to track changes for? It could be a file related to services or products that are available on the site. It could be a script that runs in the background on a website that's used for maintenance. Anything that you can think of that you might want to know if a change has been made to it, in terms of the file system. Well, in our case, we've got a sample website running on a…
Contents
- Forwarding Linux logs to Splunk (10m 16s)
- Forwarding Windows log events to Splunk (10m 48s)
- Monitoring Windows files (8m 46s)
- Monitoring Windows printers (7m 16s)
- Configuring Snort IDS alerts for Splunk (7m 32s)
- Configuring an HTTP Event Collector (HEC) (7m 54s)
- Forwarding Microsoft AD events to Splunk Cloud (9m 1s)