Getting Data In

File System Monitoring

ESIMatNeforce
Path Finder

Hey,

I am trying to monitor changes to specific, sensitive folders on my samba file share. Therefore, the fschange feature seemed to be the perfect fit for me, but unfortunately it's not available anymore. Searching for an alternative, I did not really come across a suitable solution for monitoring file system changes on a samba file share.

What i want to know:
- Operation performed (read, write, delete)
- User
- Timestamp
- Optionally: Time a file is accessed
- Optionally: Restriced file access (users trying to access files/directories they arent permitted to access)

That's basically it, does anyone have a suitable solution for this issue?

Regards
Flo

0 Karma

kristian_kolb
Ultra Champion
0 Karma
Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

Splunk is officially part of Cisco

Revolutionizing how our customers build resilience across their entire digital footprint.   Splunk ...

Splunk APM & RUM | Planned Maintenance March 26 - March 28, 2024

There will be planned maintenance for Splunk APM and RUM between March 26, 2024 and March 28, 2024 as ...