Many companies use shared directories or files to allow different users to access the information and if necessary modify them.
When I am on customer site implementing new NetEye projects, it happens very often that there is the need to monitor the accesses on these shared files.
To satisfy this requirement it is necessary to enable the “Audit Object Access” in the group policy of the domain or of the machine itself.
Based on the different configurations, in fact, all the activities (listen, read or write) performed on these files can be monitored.
The results can later be viewed in the Event Viewer of NetEye and in particular all the logs are stored in the security container. In addition, by identifying the event id it is also possible to configure the Agent Safed that collects and send these logs to the NetEye syslog server that archives and indexes them.
I started my professional career as a system administrator.
Over the years, my area of responsibility changed from administrative work to the architectural planning of systems.
During my activities at Würth Phoenix, the focus of my area of responsibility changed to the installation and consulting of the IT system management solution WÜRTHPHOENIX NetEye.
In the meantime, I take care of the implementation and planning of customer projects in the area of our unified monitoring solution.
Author
Tobias Goller
I started my professional career as a system administrator.
Over the years, my area of responsibility changed from administrative work to the architectural planning of systems.
During my activities at Würth Phoenix, the focus of my area of responsibility changed to the installation and consulting of the IT system management solution WÜRTHPHOENIX NetEye.
In the meantime, I take care of the implementation and planning of customer projects in the area of our unified monitoring solution.
Scenario NetEye 4 is a comprehensive monitoring platform which natively supports Business Processes. A Business Process is an abstract view of a customer’s business from the Application point of view. Usually, it’s a collection of Icinga 2 checks aggregated by Read More
On February 3rd and 4th, 2024, we attended FOSDEM, a major event where thousands of free and open-source software developers from around the world gather to exchange ideas and collaborate. This year I dedicated much of the second day to Read More
Introduction: Unveiling Elastic APM in Containerized Environments In today's dynamic digital landscape, where every interaction matters, understanding the intricacies of application performance has become paramount. Elastic APM is a powerful toolset within the Elastic Stack included in the NetEye SIEM Read More
In this article, we’ll explore how to configure the “Agent Binary Download” setting and set up your own artifact registry for binary downloads within a NetEye cluster. Prerequisites Before we begin, ensure you have the following prerequisites in place: Your Elastic Agents Read More
We fixed the following issues in the integration between NetEye and Alyvix. Test Case file selection dropdown We fixed an issue in the Test Cases view for which, when switching between the Test Cases of different nodes, the wrong Test Read More
Hi Tobias, I’m working on this solution but unfortunately Syslog View doesn’t send notifications.
Of course, it’s a really good repository to store audit events.
I’m trying a different way like enabling snmp trap on the server and manage the “Audit Object Access” with Trap Handler module in NetEye.
It works quite good!