cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
rsbst19
Engager
Member since: ‎02-10-2023
‎02-15-2023
Community Statistics
Posts 3
Solutions 0
Karma Given 1
Karma Received 0
Member Since ‎02-10-2023
View All

Re: Windows Directory Monitoring

by in Getting Data In
‎02-15-2023 07:02 AM
‎02-15-2023 07:02 AM
Great.  Thanks for the explanation Giuseppe!   ... View more

Windows Directory Monitoring: How to get file moni...

by in Getting Data In
‎02-15-2023 06:26 AM
‎02-15-2023 06:26 AM
Hi all,  Splunk newbie with what I hope is a simple question... I have a UF installed on my windows file server, and it is set to monitor a directory--see below [WinEventLog://Security] checkpointInterval = 5 current_only = 0 disabled = 0 start_from = oldest monit [WinEventLog://System] checkpointInterval = 5 current_only = 0 disabled = 0 start_from = oldest [monitor://D:\documents\Confidential] disabled = false  The intent is for it to report access/modifications/deletions to files in that directory, but I am not getting any file monitoring activity returned to my splunk server when I perform a simple query for the windows host.  I do get all the system and security events, though. Any ideas on why I'm not getting the file monitoring activity?  Thanks! ... View more

Is it possible to change admin pwd in Splunk AMI d...

by in Security
‎02-10-2023 06:17 AM
‎02-10-2023 06:17 AM
Just starting out with provisioning splunk 9.x via AWS AMI and Terraform.  Does anyone have any idea if it is possible to change the admin pwd using a user_data script on the AMI?  I found one mention  of using export password="<password>" but that didn't seem to work; it still used the default SPLUNK-$instance id$ We would like to have the pwd changed during provisioning, if possible.  Thanks. ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎02-15-2023 04:31 PM
Karma given to
View All