I see a lot of posts within the validated_best-practice tag related to Windows monitoring. Is there a list of these best practices for implementing Windows monitoring?
I know there could be a lot to say on this topic but I'm specifically focused on guidance for rapid deployment of the Splunk Add-on for Windows such that data collection is ready to be enabled based on my use case needs.
As you noted, the Splunk Add-on for Windows is an excellent choice for a variety of data sources necessary for Windows OS monitoring use cases. The Documentation for the Splunk Add-on for Windows has everything you need, but for those in a rush, these two topics are critical:
With the Installation complete, refer to the following validated best practices: