Solved

Tracking file/folder access

Posted on 2006-07-24
5
1,301 Views
Last Modified: 2013-12-04
I'd like to track what files/folders a particular user accesses so I have auditing turned on for the user & files/folders I want to monitor. However, the only thing that shows up in the security logs are the 576 event id's which do not tell you the files/folders. What am I missing....
0
Comment
Question by:tracknut
5 Comments
 
LVL 5

Accepted Solution

by:
floorman67 earned 25 total points
ID: 17168479
as explained here as well as all ID codes, http://www.privacywindows.com/securityfaq/security_systems.html , event 576 is "Special privileges assigned to new logon".

here is some infor you might find useful
http://www.microsoft.com/technet/archive/winntas/support/usesecur.mspx?mfr=true


there are some 3rd party applications that can monitor in real time like filemon
http://www.sysinternals.com/Utilities/Filemon.html
0
 

Author Comment

by:tracknut
ID: 17170553
thanks...I have a user I'd like to track what folders they are accessing. Any applications that will track this and report on what they accessed?
0
 
LVL 5

Assisted Solution

by:beechfielder
beechfielder earned 25 total points
ID: 17205307
Event ID 560 tells you who opened the file, the name of the file, and what kind of access.   567 is connected and should tell you the permissions in use.  Look before the 567 event for a 560.
0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question