Introducing StealthAUDIT 11.5! Complete your cloud security puzzle. LEARN MORE
Stealthbits

Stealthbits ProTip: Visibility with File Activity Monitoring

Blog >Stealthbits ProTip: Visibility with File Activity Monitoring
StealthAUDIT’s File Activity Monitor enables our customers with great visibility into file activity within Windows and most NAS solutions. Although the Access Information Center makes understanding this information easy, SIEM can, at times, be the preferred way to view any and all activity. Enabling Syslog output requires first opening the Stealthbits File Monitor and navigating to the Monitored Hosts tab. From there select ‘Edit’ for the host you wish to have send activity data to your SIEM. Go to the ‘Syslog’ tab in the agent properties window, and enter the required information as well as any desired syslog message template for formatting.
Monitored Host Tab
With that configured, stop then start the agent, and you’ll start sending file system activity to your SIEM as well.For our customers with QRadar, this will all be incorporated for our XForce app coming soon. This will provide users great views into activity right within your QRadar solution, making trending and even ransomware activity, easy to identify.
File Activity Dashboard

Don’t miss a post! Subscribe to The Insider Threat Security Blog here:

Loading

Featured Asset

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe

DON’T MISS A POST. SUBSCRIBE TO THE BLOG!


Loading

© 2022 Stealthbits Technologies, Inc.

Start a Free Stealthbits Trial!

No risk. No obligation.

FREE TRIAL