How to audit and report file and folder access
Posted on 2011-03-07
So, I've searched the knowledgebase and came up with a few ideas, but what I'm really looking for is a "best in class" way to BOTH audit and report on user access to files and folders.
--Have 2003 & 2008 servers
--In a HIPAA environment
--Servers have auditing turned on
--Could use eventdump to export the event logs
BUT, that process produces massive amounts of data - not information.
Sure, I could charge the client by the hour to convert the mass of data to info, but that wouldn't last beyond the first invoice.
I'm looking for:
--who accessed what
--some degree of what they did with whatever they accessed
There's got to be a better way that doesn't break the bank.