<div>
Check to see if you have shadow copies enabled. &nbsp;If yuo do then right click on the share folder, click properties and then go to previous versions and pick a date.<br />
<br />
Check that list of files and folders against the existing one. &nbsp;Its crude but will allow you to recover obvious file deletions. Another option is to check your backups.<br />
<br />
With regards to logging the access. As per michaelalphi's comment. &nbsp;Windows Auditing will need to be enabled.
</div>


Check to see if you have shadow copies enabled.  If yuo do then right click on the share folder, click properties and then go to previous versions and pick a date.

Check that list of files and folders against the existing one.  Its crude but will allow you to recover obvious file deletions. Another option is to check your backups.

With regards to logging the access. As per michaelalphi's comment.  Windows Auditing will need to be enabled.

<div>
Windows auditing was not turned on, I managed to turn it on and now monitor critical changes....<br />
<br />
Also we are trying to buy the application, just not enough Budget for that.<br />
<br />
Thank you both for the information:<br />
<br />
About the backup, didn´t work even dough shadow copies are turned on.
</div>


Windows auditing was not turned on, I managed to turn it on and now monitor critical changes....

Also we are trying to buy the application, just not enough Budget for that.

Thank you both for the information:

About the backup, didn´t work even dough shadow copies are turned on.

<div>
<div class="content wysiwyg-content">
Does Windows 2008 (or Windows sbs 2011) records a log of each file opened and accessed by the network users? We have a shared folder on the server and each user access it using their credentials, one employee was fired and we want to know which files he was using last, or did he deleted some other files….<br />
Or, is there a way to see which files where modified between yesterday’s backup and today´s backup? We use windows backup.
</div>
</div>


Does Windows 2008 (or Windows sbs 2011) records a log of each file opened and accessed by the network users? We have a shared folder on the server and each user access it using their credentials, one employee was fired and we want to know which files he was using last, or did he deleted some other files….
Or, is there a way to see which files where modified between yesterday’s backup and today´s backup? We use windows backup.

File sharing event log in windows 2011 sbs

Small Business Server (SBS) is a line of server operating systems targeted at small businesses by bundling the operating system with a number of other Microsoft products that would normally need to be purchased or licensed separately. The most notable inclusions are Exchange, SQL Server, SharePoint and ISA/TMG (Microsoft's firewall and proxy server).

Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.

Windows Server 2008

The term "Backup" means the methods and processes involved to copy computer data (system data as well as application data) to media other than the ones where the data originally live (disk, tape, optical, cloud). "Restore" in turn means the methods and processes involved in data recovery, i. e., bringing back copied computer data to their original location. Backup/Restore primarily serves as a means of protection against data loss, be it due to disaster, corruption or sabotage. It can also be used for recovering data from an earlier point in time and even for cloning machines or applications. There is a wide variety of backup/restore software available, from expensive commercial products to free or open source tools.