S I E M
S I E M
Utilizing the Log Shipper, Perch provides comprehensive file integrity monitoring for Windows-based systems.
Implementing file integrity monitoring on a specific system begins with downloading and installing the Perch Log Shipper.
Once the Log Shipper is installed, the Auditbeat configuration file (auditbeat.yml) will need to be modified to include the file/directory paths to be monitored.
To have the Auditbeat agent automatically scan subdirectories, add the following line below the last file path listed:
Once the additional file paths have been added to the Auditbeat configuration, save the file and restart the “perch-auditbeat” service.
Auditbeat will proceed to perform an initial scan of the directories and should begin reporting on changes to the files contained shortly after, depending on the size of the directories included.