Solved

Auditing a specific account

Posted on 2003-12-12
6
415 Views
Last Modified: 2013-12-07
I have been asked to create an audit trial for an active directory user  account.

I used a specific OU and created granular GPO for full auditing applying it to that account.

However,

I would like to report activity with that account keeping the following in mind:

1. The name of that account is a subset of many others so it is hard to search for with the large quantity of events that exists in out enviorment.

2. Is there a audit reporting tool that will simplify this proccess

3. If other accounts are in need of monitoring is it a difficult proccess to maintain?

Thanks

Webaxion

0
Comment
Question by:webaxion
  • 2
  • 2
  • 2
6 Comments
 
LVL 18

Expert Comment

by:chicagoan
ID: 9928927
You either need to get a third party tool that stuffs the logs into a database you can get reports out of or take a look at
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=9989D151-5C55-4BD3-A9D2-B95A15C73E92

This utility collects Event Logs in a comma-delimited text file which allows you to import them into a database for analysis
0
 

Author Comment

by:webaxion
ID: 9930898
Is there a way to parse the information into a more usable report?

And can anyone point me into a direction of a 3rd party tool that will provide the reporting?

0
 
LVL 18

Expert Comment

by:chicagoan
ID: 9931006
>Is there a way to parse the information into a more usable report?
If there is someone on staff familiar with databases, this should be a trivial task.
Worst case: open the file in excel and sort on desired field.

 Sawmill is popular: http://www.sawmill.net/formats/Windows_Event.html
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 37

Accepted Solution

by:
bbao earned 333 total points
ID: 9934211
why dont try Crystal Reports? it is powerful and its special edition is for w2k resource kit:

Seagate Software Crystal Reports 6.0
http://www.tburke.net/info/reskittools/topics/crystal.htm

Windows NT: Monitoring Events
www.microsoft.com/technet/prodtechnol/ winntas/proddocs/concept/xcp09.asp

AFAIK, what you want can all be done well by Crystal Reports, very professional.

for more about Crystal Reports:

http://www.crystalkeen.com/articles/crystalreports/
http://www.pnltools.com/printproduct.asp?productid=34

hope it helps,
bbao
0
 

Author Comment

by:webaxion
ID: 10023516
Found an application that does this and much more.

http://www.gfi.com/lanselm/

Creates a wide variety of customized reports that are just the ticket for upper management ECT.
0
 
LVL 37

Expert Comment

by:bbao
ID: 10024453
good, webaxion, if you think your question is finished, could you please accept helpful commnets OR ask EE moderators make it as PAQ and get refund. happy new year
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question