Getting Data In
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

File Integrity Monitoring - Splunk 6

dgavic
Explorer
‎11-19-2013 08:06 AM

With FSChnage being deprecated in Splunk 5.0, what is the best method in Splunk 6 to monitor folder/file changes?

Thank you

Tags (3)
0 Karma
Reply

IT_Bullgod
Splunk Employee
Splunk Employee
‎01-16-2014 02:22 PM

The term Deprecation is misleading many of our customers. The fact remains - Splunk continues to maintain a file integrity checking feature through ver 5 and into the current version. See the link below:

http://docs.splunk.com/Documentation/Splunk/6.0/Data/Monitorchangestoyourfilesystem

Reply

Hooshiar
Observer
‎07-13-2024 11:08 PM

Hello

The link is for version 6.0 and no longer exists.

"http://docs.splunk.com/Documentation/Splunk/6.0/Data/Monitorchangestoyourfilesystem"

You can use this link instead:
https://docs.splunk.com/Documentation/Splunk/9.2.2/Data/Monitorchangestoyourfilesystem
Although the contents of this document did not match the solution I wanted
In the SIM solution of ManageEngine company, it is possible to monitor a folder that has been Shared in such a way that if a file or folder is created, edited, renamed or deleted, it shows by which user and at what time and from which IP It happened.
I am looking for such a solution in Splunk

0 Karma
Reply

PickleRick
SplunkTrust
SplunkTrust
‎07-14-2024 02:23 AM

1. It's a veeeeeery old thread (over 10 years since last post)

2. Monitoring changes to filesystem is a completely different issue than logging changes on a file sharing platform (regardless of whether we're talking NFS, CIFS, DAV...). First thing would be to make sure that the service itself can and will log relevant data.

0 Karma
Reply

IT_Bullgod
Splunk Employee
Splunk Employee
‎01-16-2014 02:21 PM

The term Deprecation is misleading many of our customers. The fact remains - Splunk continues to maintain a file integrity checking feature through ver 5 and into the current version. See the link below:

http://docs.splunk.com/Documentation/Splunk/6.0/Data/Monitorchangestoyourfilesystem

0 Karma
Reply

dgavic
Explorer
‎11-20-2013 07:47 AM

I did find this write up in the docs section, and this helped get me going in the right direction.

http://docs.splunk.com/Documentation/Splunk/6.0/Data/MonitorfilesystemchangesonWindows

I am always open for more suggestions, or an easier way to do this.

Thank you

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

It’s Monday morning, and your phone is buzzing with alert escalations – your customer-facing portal is running ...

What’s New in Splunk Observability – September 2025

What's NewWe are excited to announce the latest enhancements to Splunk Observability, designed to help ITOps ...

Fun with Regular Expression - multiples of nine

Fun with Regular Expression - multiples of nineThis challenge was first posted on Slack #regex channel ...