Dashboards & Visualizations

create dashboard to monistor windows event logs

syamsekhar
New Member

How to create a dashabord for windows event log monitoring of different windows servers with categories like application, Security,System . so that it can be filtered easly from dashboard itself

Tags (1)
0 Karma

kvswathi
Path Finder

As I understood from your question, you need to create a dashboard with different windows servers with categories like application, Security,System.

Use the below query , it will list the event count for each sourcetype for each server . Then you can save it as a dashboard , also you can enable drilldown.

index= | chart count by host,sourcetype

0 Karma

niketnilay
Legend

Check out Splunk App for Windows Infrastructure
Enable the data inputs required for Event Monitoring (also whitelist/blacklist events as per your needs). Following is the Event Monitoring Dashboard available in the App: http://docs.splunk.com/Documentation/MSApp/latest/Reference/EventMonitoring

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"
0 Karma

HiroshiSatoh
Champion

I think that you can use this sheet to create panels and combine them.

https://www.malwarearchaeology.com/cheat-sheets/

There is also APP like this.
Windows Event Logs Analysis

0 Karma
Get Updates on the Splunk Community!

Improve Your Security Posture

Watch NowImprove Your Security PostureCustomers are at the center of everything we do at Splunk and security ...

Maximize the Value from Microsoft Defender with Splunk

 Watch NowJoin Splunk and Sens Consulting for this Security Edition Tech TalkWho should attend:  Security ...

This Week's Community Digest - Splunk Community Happenings [6.27.22]

Get the latest news and updates from the Splunk Community here! News From Splunk Answers ✍️ Splunk Answers is ...