Are there ways in Splunk to monitor and index any activity on Windows Registry?
Yes! Splunk can monitor Windows Registry. For more info, take a look at the documentation here.
Also, there's a blog post from some guy named Ledio announcing this feature. Any relation? 🙂