Monitoring Splunk
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How can I monitor if someone is using wireless keyboard or mouse ?

Aizo
New Member
‎01-27-2023 06:16 AM

Hi,

 

Is there any way to control if users are using wireless keyboard or mouse ? 

 

 

Labels (1)
Labels
0 Karma
Reply

Aizo
New Member
‎01-27-2023 09:21 AM

Hello @tej57 

Thank you for your answer.

I forgot to mention that bluetooth is deactivated in BIOS. Using wireless keyboard and mouse is forbidden and I'm wondering how to monitor that users won't connect their wireless devices by dongle USB . (  I can't deactivate USB ports ) 

0 Karma
Reply

tej57
Contributor
‎01-27-2023 09:32 AM

For Windows devices, you can enable Security, Application eventlogs using Splunk Add-on for Microsoft Windows. Event Code - 6416 contains the logs whenever an external device connects to the Windows machine. 

For Linux devices, you can monitor the messages directory which contains all the activity information. And then based on the logs, you can setup an alert to get triggered for a specific regex pattern.

0 Karma
Reply

tej57
Contributor
‎01-27-2023 07:45 AM

Hello @Aizo,

The wireless keyboard and mouse would be connected to a device using the Bluetooth preferences. If you could monitor the processes or the connectivity logs for a device, you can get the information if the device is connected to a bluetooth mouse/keyboard or not.

0 Karma
Reply
Get Updates on the Splunk Community!

See your relevant APM services, dashboards, and alerts in one place with the updated ...

As a Splunk Observability user, you have a lot of data you have to manage, prioritize, and troubleshoot on a ...

Index This | What goes away as soon as you talk about it?

May 2025 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this month’s ...

What's New in Splunk Observability Cloud and Splunk AppDynamics - May 2025

This month, we’re delivering several new innovations in Splunk Observability Cloud and Splunk AppDynamics ...
li.common.scroll-to.top