audit folder/file delet
From: Edy Werder (werder_at_interwatt.ch)
Date: 03/29/04
- Next message: Andrew Mitchell: "Re: Use of firewall software in desktops"
- Previous message: WH: "Use of firewall software in desktops"
- Next in thread: Steven L Umbach: "Re: audit folder/file delet"
- Reply: Steven L Umbach: "Re: audit folder/file delet"
- Reply: Bob Qin [MSFT]: "RE: audit folder/file delet"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 29 Mar 2004 10:07:59 +0200
Dear all,
I try to audit a folder and its subdirectory for deletion.
The folder is located on a domain controller. I understand I have
first to enable in local security policy, audit policy, audit object
access. After that I go to Windows Explorer, select the folder, right
click it, poperties, security, advanced, auditing, add.
The result I see in the event viewer under security. Basicalyl it
works, but I see a lot of other activity for registry keys, mmc.exe as
soon as I have activate the policy. Is that normal? It quickly files
the audit log. All I want to see there is entries for auditing the
folder.
Best regards
Edy
- Next message: Andrew Mitchell: "Re: Use of firewall software in desktops"
- Previous message: WH: "Use of firewall software in desktops"
- Next in thread: Steven L Umbach: "Re: audit folder/file delet"
- Reply: Steven L Umbach: "Re: audit folder/file delet"
- Reply: Bob Qin [MSFT]: "RE: audit folder/file delet"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
