| Info |
|---|
FAM and RAM functionality is available starting from Snare Agent for Windows v5.6.0 |
There needs to be performed following three steps, before Snare can capture the FAM / RAM events.
1. Enable FAM / RAM Events in Windows Security Policy
| Info |
|---|
This step is done automatically in Snare Agents v5.7.1 or newer, assuming the following setting in General Configuration is checked: |
Open the Windows Security Policy (from Contrrol Panel / Administrative Tools on local machine or via GPO on Domain Control) and enable the following settings:
...