I have been asked the same question over and over again – "how can I monitor my personal Windows shared files?" So in other words, users set up shared files on their local computers or even a server and they want to know how they can easily see who has opened what and when.My normal answer to this is that we need to enable auditing and set up object access audit policies. With that sentence I usually lose the person on the word auditing.
But now there is a simple portable application that can report on all your local Windows shared files as easily as downloading, running and starting up the application.
First we will download Share Monitor from Softpedia. After downloading the application go ahead and run it. You will see a screen that looks like this:
I downloaded and ran Share Monitor on my office desktop machine. I then clicked the start button on the application, not changing anything and I still saw nothing! So I attempted to access my shared folders from my machine and then again from one of my local servers. I then saw my log start to grow. Let's see what it did:
- We can see the opened at field displays the date and time the share or file was opened.
- The closed at field shows when the file or folder was closed.
- The duration field computes the difference between those two fields.
- The user name is the logged in user who accessed your files or folders.
- The Type is the type of operating system used.
- The open mode can show read or write access.
- Finally the File/Folder field shows the object that was accessed.
Now this could be used to find someone deleting your files, editing stuff you do not want edited and all sorts of other creative things you want to track without the need for any auditing knowledge on Windows!
Catch the changing security environment Get it now.
No comments:
Post a Comment