Auditing calendar access
Posted on 2004-03-29
I am trying to audit all transactions that occur against an executive's calendar in Exchange 2000. The executive’s administrative assistant claims that about once a month an appointment will "drop off" this executive’s calendar. I have configured exchange 2000 properly taking into account all Microsoft and Symantec recommendations (including file level anti virus scanning exclusions for Exchange). Is there any way to track all transaction that occur to one calendar and then be able to review this log when an appointment drops off? I am looking to find out:
1) Who is connected to the calendar when the appointment drops off (either IP address, user name, or computer name)?
2) How to get these transactions pushed to some type of log file so that I can specifically show this admin assistant what happened and why.