Re: File Integrity Monitoring - Splunk 6

dgavic · ‎11-19-2013

With FSChnage being deprecated in Splunk 5.0, what is the best method in Splunk 6 to monitor folder/file changes?

Thank you

IT_Bullgod · ‎01-16-2014

The term Deprecation is misleading many of our customers. The fact remains - Splunk continues to maintain a file integrity checking feature through ver 5 and into the current version. See the link below:

http://docs.splunk.com/Documentation/Splunk/6.0/Data/Monitorchangestoyourfilesystem

IT_Bullgod · ‎01-16-2014

The term Deprecation is misleading many of our customers. The fact remains - Splunk continues to maintain a file integrity checking feature through ver 5 and into the current version. See the link below:

http://docs.splunk.com/Documentation/Splunk/6.0/Data/Monitorchangestoyourfilesystem

dgavic · ‎11-20-2013

I did find this write up in the docs section, and this helped get me going in the right direction.

http://docs.splunk.com/Documentation/Splunk/6.0/Data/MonitorfilesystemchangesonWindows

I am always open for more suggestions, or an easier way to do this.

Thank you

File Integrity Monitoring - Splunk 6

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases