complete monitoring of files deleted moved and changed

I need to completely monitor a couple of directories on a fileserver, I need to know what the user upended/ deleted change/ a file or group of files and also if the file was moved where it was moved to, I would also like to notification if a group of files is being copied to another location, where that location is what the user is copying the files to IE USB .
This is a relatively small network of approximately hundred and 80 users and I think I have one user that is taking delight in moving files about for the hell of it, deleting bits of the file server and just generally making a mess
I have turned on file auditing but this still does not give me the detail I need

thank you in advance
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

LetchfordPConnect With a Mentor Author Commented:
I think there is no anser
If you have the policy enabled to report file and directory activity, about the only other thing you can do would be to install some folder and file monitoring software.

I do not know if this will work but you can have a look at:

I saw some others on SourceForge (open source and free), and if I find them, I will post them.

With these tools you can set up watches on certain folders files. I do not know whether they will report back the PC or user accessing, changing deleting files etc. IMHO the certainly should.

LetchfordPAuthor Commented:
thank you for trying to answer the question but unfortunately I still cannot find any software that does the job
does anyone else have any suggestions, getting really desperate now!!
Alan Huseyin KayahanCommented:
Hi LetchfordP
     Audit logs are pretty detailed. But you should look at the log with the correct event ID. Please have a look at following PAQ of mine.

Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
One thing you definitely should do is make sure you have Volume Shadow Snapshots Service enabled and configured for those shares.  That way you can revert back to a previous version of the entire directory if you like... or at least view what it looked like at any point over the last 30 days.  

Technical Overview of VSS:

Then... if enabling auditing isn't enough, you can always deploy Windows Rights Management Service, but that's a much more complicated security measure and may be more than you are looking to do here.

All Courses

From novice to tech pro — start learning today.