Log Sources

Configure Log Sources to be collected on this machine.

Snare Agent can collect the following logs:

• Logs generated by Windows Operating System or applications and written to the Event Viewer (configurable via Audit Policies page)

• Logs generated by Applications and written to text-based log files

• Logs generated by Snare Agent:

  • File Integrity Monitoring (FIM)

  • Registry Integrity Monitoring (RIM)

  • Telemetry (CPU, Disk, Memory and Network Monitoring) - available from version 5.9.0.

Refer to the pages below for configuration details: