I was curious if anyone knows the answer to this question: what are the differences between the Elastic Endpoint Security File Monitoring and the Elastic Agent File Integrity Monitoring Integration?
Are they intended to be used at the same time? Are there any major differences between them? Should one be used over the other?
AFAIK, Elastic Defend file contains the file access logs, while file integrity monitoring (FIM) is based on the Auditbeat FIM module, which monitors file changes.