Splunk Enterprise Security

windows server monitoring

punithjigali
Explorer

Hi team,

I have used windows add on to get events from server to my splunk instance using universal fowarder.

I want some of the monitoring examples that has bean already implemented so that I will go through that, get to practice and apply...

please share some of the example links...

0 Karma

gcusello
SplunkTrust
SplunkTrust

Hi @punithjigali,
if you see in punithjigali Enterprise Security [Configure -- Content -- Content Management] you can enable or disable Use Cases.
At [Configure -- Content -- Libraries] you can see a description of the Use Cases.

In addition, if you install the Splunk Security Essentials ( https://splunkbase.splunk.com/app/3435/ ), there's an interesting feature that analyze your data and says what use Cases are toggled.

Ciao.
Giuseppe

0 Karma
Get Updates on the Splunk Community!

Developer Spotlight with William Searle

The Splunk Guy: A Developer’s Path from Web to Cloud William is a Splunk Professional Services Consultant with ...

Major Splunk Upgrade – Prepare your Environment for Splunk 10 Now!

Attention App Developers: Test Your Apps with the Splunk 10.0 Beta and Ensure Compatibility Before the ...

Stay Connected: Your Guide to June Tech Talks, Office Hours, and Webinars!

What are Community Office Hours?Community Office Hours is an interactive 60-minute Zoom series where ...