28. 08. 2012 TobiasGoller NetEye

File access monitor

Many companies use shared directories or files to allow different users to access the information and if necessary modify them.

When I am on customer site implementing new NetEye projects, it happens very often that there is the need to monitor the accesses on these shared files.

To satisfy this requirement it is necessary  to enable the “Audit Object Access” in the group policy of the domain or of the machine itself.
Based on the different configurations, in fact, all the activities (listen, read or write) performed on these files can be monitored.

The results can later be viewed in the Event Viewer of NetEye and in particular all the logs are stored in the security container. In addition, by identifying the event id it is also possible to configure the Agent Safed that collects and send these logs to the NetEye syslog server that archives and indexes them.

TobiasGoller

TobiasGoller

NetEye Solution Architect at Würth Phoenix
I started my professional career as a system administrator. Over the years, my area of responsibility changed from administrative work to the architectural planning of systems. During my activities at Würth Phoenix, the focus of my area of responsibility changed to the installation and consulting of the IT system management solution WÜRTHPHOENIX NetEye. In the meantime, I take care of the implementation and planning of customer projects in the area of our unified monitoring solution.

Author

TobiasGoller

I started my professional career as a system administrator. Over the years, my area of responsibility changed from administrative work to the architectural planning of systems. During my activities at Würth Phoenix, the focus of my area of responsibility changed to the installation and consulting of the IT system management solution WÜRTHPHOENIX NetEye. In the meantime, I take care of the implementation and planning of customer projects in the area of our unified monitoring solution.

Latest posts by TobiasGoller

12. 04. 2022 Unified Monitoring
News from nBox and ntopng
22. 03. 2022 Icinga Web 2, Machine Learning, NetEye
Performance Metrics Collection from NetEye to Elastic
14. 03. 2022 Unified Monitoring
SOS Berlin JobScheduler – JS7
15. 11. 2021 NetEye
The NetEye 4 SMS Tools Module
04. 08. 2021 NetEye
NetEye 4 Notifications from Satellites
See All

Related Content

Tags: , , , ,

09. 08. 2022 Events, NetEye, SEC4U, Service Management

NetEye User Group 2022 in Nuremberg ⛅️

Our yearly NetEye User Group is back! After two years of online User Groups, we are finally back with THE event!This year, our NetEye User Group DACH 2022, will take place in the Zukunftsmusuem in Nuremberg with a major focus Read More
01. 08. 2022 Cloud, Events, NetEye, Service Management, Webinar

Place Your IT Services in the Clouds ⛅️

Service Management without worries Take advantage of the cloud to improve your IT management, from system upgrades to infrastructure security. Migrate your servers to save on maintenance costs, ticket resolution times and resource usage. The right time is now Take Read More
19. 07. 2022 Contribution, NetEye, Unified Monitoring

Integration of Centreon Plugins into NetEye Extension Packs

With the end of 2021 we've release the first version of the NetEye Extension Packs project that helps customers and consultants on their monitoring implementations and more (see Introducing NetEye Extension Packs | www.neteye-blog.com for details). Now our focus is Read More
07. 07. 2022 DevOps

How to Use a Host’s Redhat Subscription to Run Containers Using Docker instead of Podman

In NetEye 4.23 we shifted our base containers from CentOS to RedHat Enterprise Linux. Within our NetEye image and container we ship packages that come from RedHat Enterprise Linux's private repositories and are thus subject to subscription, hence we need Read More
04. 07. 2022 NetEye

Using DSC to Distribute Icinga Agents

Desired State Configuration (DSC) is a feature in Powershell 4.0 and above that helps administrators to automate the configuration of Windows. I'll show you below how to use it in order to maintain a consistent Icinga agent configuration across your Windows Read More

One Reply to “File access monitor”

  1. Antonio Moletta says:
    August 29, 2012 at 07:24

    Hi Tobias, I’m working on this solution but unfortunately Syslog View doesn’t send notifications.

    Of course, it’s a really good repository to store audit events.

    I’m trying a different way like enabling snmp trap on the server and manage the “Audit Object Access” with Trap Handler module in NetEye.

    It works quite good!

    Reply

Leave a Reply

Your email address will not be published.

Search by technology

Contact

Contact us
Serviceportal

Subscribe to Feed

Article     Comments
Insert your E-Mail address:

Archive