Splunk Enterprise Security

windows server monitoring

punithjigali
Explorer

Hi team,

I have used windows add on to get events from server to my splunk instance using universal fowarder.

I want some of the monitoring examples that has bean already implemented so that I will go through that, get to practice and apply...

please share some of the example links...

Labels (1)
0 Karma

gcusello
SplunkTrust
SplunkTrust

Hi @punithjigali,
if you see in punithjigali Enterprise Security [Configure -- Content -- Content Management] you can enable or disable Use Cases.
At [Configure -- Content -- Libraries] you can see a description of the Use Cases.

In addition, if you install the Splunk Security Essentials ( https://splunkbase.splunk.com/app/3435/ ), there's an interesting feature that analyze your data and says what use Cases are toggled.

Ciao.
Giuseppe

0 Karma
Get Updates on the Splunk Community!

Changes to Splunk Instructor-Led Training Completion Criteria

We’re excited to share an update to our instructor-led training program that enhances the learning experience ...

Stay Connected: Your Guide to January Tech Talks, Office Hours, and Webinars!

❄️ Welcome the new year with our January lineup of Community Office Hours, Tech Talks, and Webinars! 🎉 ...

Preparing your Splunk Environment for OpenSSL3

The Splunk platform will transition to OpenSSL version 3 in a future release. Actions are required to prepare ...