Elastic Agent Integration: File Integrity Monitoring (FIM)

Will the elastic agent/endpoint eventually have file integrity monitoring like Auditbeat in the future? Looking for options to replace TrendMicro but it looks like I'll have to use auditbeat or osquery with the elastic agent to fully replace it.


Elastic Endpoint provides the capability of monitor file changes such as modify/rename/delete and event on the activities, as well as other preventative capabilities when files are accessed.

Thanks @Yamin_Tian.

@morgan.atwood just to add to Yamin's point above, while our Endpoint Security integration does cover FIM use cases, we are also in the process of migrating Auditbeat functionality, including FIM, to Elastic Agent. I can't share timelines at the moment, but it is certainly a focus area for us.

I'd love to discuss your FIM requirements in more detail, and understand how you're using Trend Micro FIM currently - will drop you a note to schedule some time or discuss offline.

How can I capture this the FIM in the Elastic Agent in work? My organization is doing Fedramp audit right now, and I need to provide evidence of this somehow?

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.