Hello community
I heard that Splunk does support fileintegrity-monitoring. Only on the host where Splunk is installed,
or are Splunk-agents for Windows- and Linux-machines available and on all Splunk-versions (Enterprise,
and Light) ?
Thank's for your feedback!
Bill
That is deprecated. You should use a tool that specializes in that and can send the data to splunk. Such as OSquery etc.
Thank you very much for the feedback! Push or pull always the question within filemonitoring....
Can Splunk also pull or initiate fileintegrity monitoring tasks on dedicated agents?
Thank's!
Bill