description: The following analytic detects suspicious file and directory discovery activity (MITRE ATT&CK T1083, File and Directory Discovery), which may indicate an attacker enumerating a compromised host to locate sensitive documents and files.
Windows Server 2022
└── Sysmon (captures detailed event telemetry)
    └── Splunk Universal Forwarder (ships logs on port 9997)
        └── Splunk Server (Ubuntu 192.168.10.10:9997)
            └── index=endpoint (search and ...
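The detection logic of the analytic described above, as an added example that is not the page's own search: it runs a minimal version of the file-and-directory-discovery check over constructed Sysmon Event ID 1 (process creation) records shaped like what the pipeline would land in index=endpoint. The command patterns it matches (recursive dir, tree, where /r, forfiles, Get-ChildItem -Recurse, findstr /s), the shell images it requires, and the field names (EventCode, Image, CommandLine, User, Computer) are assumptions about what the analytic keys on; the sample events are constructed, not real telemetry.

```python
"""Added example, not the page's own SPL: a Python rendering of the
file-and-directory-discovery analytic over constructed Sysmon EventID 1
records. Patterns, shell list and field names are assumptions."""
import re
from typing import Iterable

# Discovery commands the analytic is assumed to match (ATT&CK T1083).
# Plain "dir" in the current directory is deliberately NOT matched; only
# recursive / bare / attribute-filtered listings are suspicious enough.
DISCOVERY_PATTERNS = [
    re.compile(r"\bdir\b.*(/s|/b|/a)", re.I),      # dir <path> /s /b ...
    re.compile(r"\btree\b", re.I),                 # tree <path> /F
    re.compile(r"\bwhere\b.*\s/r\b", re.I),        # where /r <path> <pattern>
    re.compile(r"\bforfiles\b", re.I),
    re.compile(r"Get-ChildItem\b.*-Recurse", re.I),
    re.compile(r"\bgci\b.*-Recurse", re.I),
    re.compile(r"\bfindstr\b.*\s/s\b", re.I),      # findstr /s /i <str> <glob>
]

# Only alert when the launching image is an interactive/scripting shell.
SHELL_IMAGES = ("cmd.exe", "powershell.exe", "pwsh.exe")

# Constructed sample records (not real telemetry), shaped like Sysmon
# EventID 1 fields after the Splunk add-on has parsed them.
SAMPLE_EVENTS = [
    {"EventCode": 1, "Computer": "WS2022-01", "User": "LAB\\svc_backup",
     "Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": r"cmd.exe /c dir C:\Users /s /b > C:\Users\Public\files.txt"},
    {"EventCode": 1, "Computer": "WS2022-01", "User": "LAB\\svc_backup",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": r'powershell.exe -nop -c "Get-ChildItem C:\ -Recurse -Include *.docx,*.xlsx"'},
    {"EventCode": 1, "Computer": "WS2022-01", "User": "LAB\\alice",
     "Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": r"cmd.exe /c tree C:\Finance /F"},
    {"EventCode": 1, "Computer": "WS2022-01", "User": "LAB\\alice",
     "Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": r"cmd.exe /c dir"},                 # benign: no recursion
    {"EventCode": 1, "Computer": "WS2022-01", "User": "LAB\\alice",
     "Image": r"C:\Windows\explorer.exe",
     "CommandLine": r"C:\Windows\explorer.exe"},        # not a shell
    {"EventCode": 3, "Computer": "WS2022-01", "User": "LAB\\alice",
     "Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": r"cmd.exe /c dir C:\ /s"},          # EventID 3: not process creation
]


def is_discovery(event: dict) -> bool:
    """True when a Sysmon process-creation event is a discovery command
    launched from one of the shells in SHELL_IMAGES."""
    if event.get("EventCode") != 1:
        return False
    image = event.get("Image", "").rsplit("\\", 1)[-1].lower()
    if image not in SHELL_IMAGES:
        return False
    cmd = event.get("CommandLine", "")
    return any(p.search(cmd) for p in DISCOVERY_PATTERNS)


def detect(events: Iterable[dict]) -> list[dict]:
    """Filter step of the search; keeps the fields an analyst triages on."""
    return [
        {"Computer": ev["Computer"], "User": ev["User"],
         "Image": ev["Image"], "CommandLine": ev["CommandLine"]}
        for ev in events if is_discovery(ev)
    ]


def summarize(hits: list[dict]) -> dict:
    """Equivalent of `| stats count by User`: one account sweeping the
    filesystem stands out from occasional single listings."""
    counts: dict = {}
    for h in hits:
        counts[h["User"]] = counts.get(h["User"], 0) + 1
    return counts


if __name__ == "__main__":
    hits = detect(SAMPLE_EVENTS)
    for h in hits:
        print(f'{h["Computer"]} {h["User"]}: {h["CommandLine"]}')
    print(summarize(hits))
```

The EventCode and shell-image gates are what keep this from firing on every Explorer directory read or network-connection event that happens to carry a `dir` string; tune `DISCOVERY_PATTERNS` and `SHELL_IMAGES` to the environment, and expect backup or inventory service accounts to need an allowlist.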