Splunking Your *.conf Files: How to Audit Configuration Changes Like a Boss
For years customers have leveraged the power of Splunk configuration files to customize their environments with flexibility and precision. And for years, we’ve enabled admins to customize things like system settings, deployment configurations, knowledge objects and saved searches to their hearts’ content. Unfortunately a side effect of this was that multiple team members could change underlying.conf files and forget that those changes ever occurred.