The steps to add folder access logs to Splunk are as follows:
- Enable Object Access Audit through group policy on the Windows machine on which the folder is located.
- Enable auditing on a specific folder for which we want to monitor logs.
- Install Splunk universal forwarder on the Windows machine.
- Configure universal forwarder to send security logs to Splunk indexer.