Link to home
Create AccountLog in
Avatar of Windindi
WindindiFlag for Angola

asked on

How to track a user utilization on my network

Hi, I have been dealing with a problem that was not set before but now I need to do it. How can I track what and where a user in my AD have been opening, remote log, and log, and file or any change on the network. is there a script or a small app that can show me this?
Avatar of kevinhsieh
kevinhsieh
Flag of United States of America image

Sorry, what do you want to track? File usage, web site activity, network traffic, administrative changes?
What logging do you have enabled on the domain controllers?
ASKER CERTIFIED SOLUTION
Avatar of David Johnson, CD
David Johnson, CD
Flag of Canada image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
You may also need to put in something a SIEM or log aggregator to be able maintain a centralized reasonable history.
Avatar of Windindi

ASKER

So at this point without having the log enebled I won´t be able to do anything? there is no 3rd party apps that could do that?
That's correct you can't retroactively get data that wasn't generated.
Yeah, if this is retrospective analysis you can't study what you didn't collect.

You have not said what type of activity you're looking for.
that would be file access, remote access and AD changes