Skip to content
No description, website, or topics provided.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
appserver/static
bin
default
lookups
metadata
static
.gitignore
README.md

README.md

Splunk Windows Auditing alt tag

This app can be used to track user activity using best practices from the National Security Agency’s Spotting the Adversary with Windows Handbook. The dashboards and searches provide auditors with a full view of how a user is interacting with their local computer and other systems on the network.

###Spotting the Adversary with Windows Event Log Monitoring: alt tag https://www.nsa.gov/ia/_files/app/spotting_the_adversary_with_windows_event_log_monitoring.pdf #Install App only needs to be installed on the search head. Documentation: http://docs.splunk.com/Documentation/AddOns/released/Overview/Singleserverinstall

#Legal

  • Splunk is a registered trademark of Splunk, Inc.
You can’t perform that action at this time.