Nice "certifate" submission. It seems like you chose to exclude a rather useful event ID......wouldn't failures be something you would want to see!?
Isn't supposed to be input.conf?
Make a homework 6 folder in your GitHub repository, with a professionally formatted README.md
file (Use markdown formatting), that contains your name, class, and date. Commit/push files
and all files related to this homework assignment to the repository [1 point]
Under a sub-heading of your README, provide information on what Splunk training course you
took via a short write-up of ~200 words [3 points]
Push your Splunk course certificate of completion to your repository [1 point]
Under a sub-heading of your README, provide a description of the Windows Event ID that you
chose to exclude from logging [1 point]
Push your groups updated input.conf file, that was created in the SIEM Tuning section, to your
repo [2 point]
Under a sub-heading of your README, provide a screen shot of the input.conf in the proper file
system location on your Domain NUC or virtual workstation [1 points]
Nice "certifate" submission. It seems like you chose to exclude a rather useful event ID......wouldn't failures be something you would want to see!?
Isn't supposed to be
input.conf?