in DevOps Culture by
If I want to add folder access logs from a windows machine to Splunk, how do I do it?

1 Answer

0 votes

Below are the steps to add folder access logs to Splunk:

  • Enable Object Access Audit through group policy on the Windows machine on which the folder is located
  • Enable auditing on a specific folder for which we want to monitor logs
  • Install Splunk universal forwarder on the Windows machine
  • Configure universal forwarder to send security logs to Splunk indexer