[WinEventLog:Security] disabled = 0 index= win* blacklist1=EventCode="4662" Message=”Accesses:\t\t+(?!Create\sChild)” Is this correct way to filter out event which only have "Create Child" as field value under access? Please let me know if there is any syntax error or any other solution that I can try. ... View more

From AWS storage we are already getting data into a territory specific instance.(example :Singapore-On-prem). Now i want the same data in Singapore instance as well as in global instance(Cloud). How can i do this? Can anyone suggest any solution and if there is a solution , then what could be the potential roadblocks that i might face while trying the solution. ... View more