Elastic Endpoint File Monitoring vs Elastic Agent File Integrity Monitoring Integration

Hi All,

I was curious if anyone knows the answer to this question, what are the differences between the Elastic Endpoint Security File Monitoring, and the Elastic Agent File Integrity Monitoring Integration?

Are they intended to be used at the same time? Are there any major differences between them? Should one be used over the other?

1 Like

AFAIK, Elastic Defend file contains the file access logs, while file integrity monitoring (FIM) is based on Auditbeat FIM module, which monitors file changes.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.