Many companies use shared directories or files to allow different users to access the information and if necessary modify them.
When I am on customer site implementing new NetEye projects, it happens very often that there is the need to monitor the accesses on these shared files.
To satisfy this requirement it is necessary to enable the “Audit Object Access” in the group policy of the domain or of the machine itself.
Based on the different configurations, in fact, all the activities (listen, read or write) performed on these files can be monitored.
The results can later be viewed in the Event Viewer of NetEye and in particular all the logs are stored in the security container. In addition, by identifying the event id it is also possible to configure the Agent Safed that collects and send these logs to the NetEye syslog server that archives and indexes them.
Tobias Goller
NetEye Solution Architect at Würth IT Italy
I started my professional career as a system administrator.
Over the years, my area of responsibility changed from administrative work to the architectural planning of systems.
During my activities at Würth IT Italy, the focus of my area of responsibility changed to the installation and consulting of the IT system management solution WÜRTHPHOENIX NetEye.
In the meantime, I take care of the implementation and planning of customer projects in the area of our unified monitoring solution.
Author
Tobias Goller
I started my professional career as a system administrator.
Over the years, my area of responsibility changed from administrative work to the architectural planning of systems.
During my activities at Würth IT Italy, the focus of my area of responsibility changed to the installation and consulting of the IT system management solution WÜRTHPHOENIX NetEye.
In the meantime, I take care of the implementation and planning of customer projects in the area of our unified monitoring solution.
Office 365 is a suite of online subscription services offered by Microsoft as part of the Microsoft 365 ecosystem. It includes capabilities for document creation and management, email, video conferencing, collaboration, and many other productivity services. The upcoming NetEye Extension Read More
The code is the structure, the LLM is the glue at the joints. There's a widespread misconception about automations “powered by artificial intelligence”: People picture a model you give an order to, which then carries out a complex operation from Read More
Practical lessons learned from real-world alert routing, automation, and integrations Introduction As mentioned at the end of Part 1, let's continue exploring practical use cases and real‑world solutions for Jira Operations alert handling and enrichment. NetEye, Icinga, and Jira Ops Read More
During our consulting activities we frequently find ourselves having to collect data from SNMP devices that do not support SNMPv3 for data encryption. This type of traffic is readable on the network and can create security problems and noncompliance with Read More
With Elastic Observability we can create alerts on all data we collect, such as logs, metrics, application services and synthetic monitoring. However, NetEye represents the main operational console from which to monitor the entire infrastructure. By sending alarms from Elastic Read More
Hi Tobias, I’m working on this solution but unfortunately Syslog View doesn’t send notifications.
Of course, it’s a really good repository to store audit events.
I’m trying a different way like enabling snmp trap on the server and manage the “Audit Object Access” with Trap Handler module in NetEye.
It works quite good!