Windows Security Operations Center

Hey - the app has been finally upgraded for Splunk 7.x, 8.x and 9.x. This applications summarizes and visualizes all security relevant information in your Windows environment. It supports both Windows 2003 (since these refuse to go away) and Windows 2008 log type, even in mixed environments as well as Windows 2012+ servers. The application offers monitoring of successful and failed Windows AD and NTLM authentications as well as RDP and console services. Additionally, dashboards showing Windows host based firewall activities are available as well as tracking of software installations and Directory Services access and modifications. Comments or questions? Please contact us at infigoapps@infigo.is.