Deployment Architecture

Does Splunk monitor and alert on changes to servers (and potentially desktops) configurations?

New Member

Does Splunk monitor and alert on changes to servers (and potentially desktops) configurations?

0 Karma

SplunkTrust
SplunkTrust

What kind of changes are you looking to alert on? If it logs an event you can generate an alert with a scheduled search in Splunk to monitor for those changes. It's mostly finding what indicates a config change, ingesting that into Splunk, and configuring a search to alert based on your alert thresholds. Whether that be Windows registry changes, Wineventlog events, or other application events.

0 Karma