My boss has a concern that a particular user may be copying sensitive information or abusing their access rights on the netowrk. She has asked me to find out if there is a way of tracking this user to see when they are loggin on to the server, their own PC, accessing files, copying files where they are coipying files to, editing files and deleting files.
Is this posible, if so, exactly how would I go about setting this up in such a way that would be easy to report on. Therefore, I would like to provide a report that says for example:
On Monday @ 9:11 a.m. they logged onto their machine, at 9:21 a.m. they read a file on such and such a shared folder, they then copied another file to their hard drive @ 10:15 a.m. . They then logged off at 11:00a.m.