Re: Audit files
From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 07/11/05
- Next message: Steven L Umbach: "Re: smart card offline logon"
- Previous message: Steven L Umbach: "Re: Using CREATOR GROUP for files/folder"
- In reply to: José Carretero García: "Audit files"
- Next in thread: Roger Abell: "Re: Audit files"
- Reply: Roger Abell: "Re: Audit files"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 11 Jul 2005 11:42:26 -0500
The other posters did a great job explaining what to do but FYI auditing
every file for every permissions for every user will generate a tremendous
amount on object access events in the security log and I would suggest that
you increase it's size to at least 100MB. More than likely you will be
overwhelmed with such events and it will be difficult to find useful
information. Unless you are bound by regulations to do such you may want to
fine tune what folders/files you are auditing and only audit the bare number
of permissions needed to find the information that you need. You will find
Event Comb from Microsoft helpful in searching the security log for events
and text strings. --- Steve
http://support.microsoft.com/default.aspx?scid=kb;en-us;308471 --- Event
Comb
"José Carretero García" <jose.carretero@edp-sl.com> wrote in message
news:%23xQpFtfhFHA.3164@TK2MSFTNGP15.phx.gbl...
> Hi to everyone,
>
> I need to audit any folders and files in a share drive. I want to know
> when every users of the domain delete, open, create a file or folder.
> My server is a w2003.
>
> Thank you
>
>
- Next message: Steven L Umbach: "Re: smart card offline logon"
- Previous message: Steven L Umbach: "Re: Using CREATOR GROUP for files/folder"
- In reply to: José Carretero García: "Audit files"
- Next in thread: Roger Abell: "Re: Audit files"
- Reply: Roger Abell: "Re: Audit files"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
