File Activity Monitor App for Splunk

Stealthbits File Activity Monitor App for Splunk contains several predefined dashboards: File Activity (Overview), Ransomware, Permission Changes, and Deletions.

The date time search feature uses the default Splunk search features.

The timeframe interval is identified in the upper-left corner of each dashboard. The drop-down menu provides additional options. To search within a different interval, choose a new option from the menu. Then click Submit to refresh the card data.