File Accesses in a Windows Environment by user WinEventLog:Security Go Splunk Vote Up +1 Vote Down -0You already voted! File Accesses in a Windows Environment by user sourcetype=”WinEventLog:Security” user=* (EventCode=560 OR EventCode=4656) | chart count by Type Continue Reading →
