Splunk Enterprise Security

Monitoring Account Creation in Windows with High Privileges

arorayo
New Member

over ES , any way to monitor windows account assigned with high privilege.
I only know of EventID 4672 . What all other events could be monitored

0 Karma

adonio
Ultra Champion
0 Karma
Get Updates on the Splunk Community!

Monitoring Postgres with OpenTelemetry

Behind every business-critical application, you’ll find databases. These behind-the-scenes stores power ...

Mastering Synthetic Browser Testing: Pro Tips to Keep Your Web App Running Smoothly

To start, if you're new to synthetic monitoring, I recommend exploring this synthetic monitoring overview. In ...

Splunk Edge Processor | Popular Use Cases to Get Started with Edge Processor

Splunk Edge Processor offers more efficient, flexible data transformation – helping you reduce noise, control ...