I thought splunk got some FIM capabilities in 4.something.
The agent software is designed to work with a manager, not independently.
On Sep 3, 2011 11:21 PM, "Michael Mather" <michael.mat...@teksavvy.com>
wrote:
> I want to run Splunk as a logging server, and feed logs to it from the
client
> machine using their Universal Forwarder.
>
> Unfortunately Splunk does not seem to do File Integrity Monitoring.
Further
> unfortunately, both machine are running Windows.
>
> My question is whether the Ossec Windows Agent can run as a logging agent
> without the Ossec Manager.
>
> I suspect the answer is "No", but could that be confirmed?
>
> Thanks.
