Auditing a specific account

I have been asked to create an audit trial for an active directory user  account.

I used a specific OU and created granular GPO for full auditing applying it to that account.

However,

I would like to report activity with that account keeping the following in mind:

1. The name of that account is a subset of many others so it is hard to search for with the large quantity of events that exists in out enviorment.

2. Is there a audit reporting tool that will simplify this proccess

3. If other accounts are in need of monitoring is it a difficult proccess to maintain?

Thanks

Webaxion

webaxionAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

chicagoanCommented:
You either need to get a third party tool that stuffs the logs into a database you can get reports out of or take a look at
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=9989D151-5C55-4BD3-A9D2-B95A15C73E92

This utility collects Event Logs in a comma-delimited text file which allows you to import them into a database for analysis
0
webaxionAuthor Commented:
Is there a way to parse the information into a more usable report?

And can anyone point me into a direction of a 3rd party tool that will provide the reporting?

0
chicagoanCommented:
>Is there a way to parse the information into a more usable report?
If there is someone on staff familiar with databases, this should be a trivial task.
Worst case: open the file in excel and sort on desired field.

 Sawmill is popular: http://www.sawmill.net/formats/Windows_Event.html
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

bbaoIT ConsultantCommented:
why dont try Crystal Reports? it is powerful and its special edition is for w2k resource kit:

Seagate Software Crystal Reports 6.0
http://www.tburke.net/info/reskittools/topics/crystal.htm

Windows NT: Monitoring Events
www.microsoft.com/technet/prodtechnol/ winntas/proddocs/concept/xcp09.asp

AFAIK, what you want can all be done well by Crystal Reports, very professional.

for more about Crystal Reports:

http://www.crystalkeen.com/articles/crystalreports/
http://www.pnltools.com/printproduct.asp?productid=34

hope it helps,
bbao
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
webaxionAuthor Commented:
Found an application that does this and much more.

http://www.gfi.com/lanselm/

Creates a wide variety of customized reports that are just the ticket for upper management ECT.
0
bbaoIT ConsultantCommented:
good, webaxion, if you think your question is finished, could you please accept helpful commnets OR ask EE moderators make it as PAQ and get refund. happy new year
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Analysis

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.