Apply or modify auditing policy settings for a local file or folder

To apply or modify auditing policy settings for a local file or folder:

1.     Open Windows Explorer.
2.     Right-click the file or folder that you want to audit, click Properties, and then click the Security tab.
3.     Click Advanced, and then click the Auditing tab.
4.     Do one of the following:

  • To set up auditing for a new user or group, click Add. In Enter the object name to select, type the name of the user or group that you want, and then click OK.
  • To remove auditing for an existing group or user, click the group or user name, click Remove, click OK, and then skip the rest of this procedure.
  • To view or change auditing for an existing group or user, click its name, and then click Edit.

5.     In the Apply onto box, click the location where you want auditing to take place.
6.     In the Access box, indicate what actions you want to audit by selecting the appropriate check boxes:

  • To audit successful events, select the Successful check box.
  • To stop auditing successful events, clear the Successful check box.
  • To audit unsuccessful events, select the Failed check box.
  • To stop auditing unsuccessful events, clear the Failed check box.
  • To stop auditing all events, click Clear All.

7.     If you want to prevent subsequent files and subfolders of the original object from inheriting these audit entries, select the Apply these auditing entries to objects and/or containers within this container only check box.
Important

  • Before setting up auditing for files and folders, you must enable object access auditing by defining auditing policy settings for the object access event category. If you do not enable object access auditing, you will receive an error message when you set up auditing for files and folders, and no files or folders will be audited. For more information about how to enable object access auditing, see “Define or modify auditing policy settings for an event category” in Related Topics.

Notes

  • You must be logged on as a member of the Administrators group or you must have been granted the Manage auditing and security log right in Group Policy to perform this procedure.
  • To open Windows Explorer, click Start, point to All programs, point to Accessories, and then click Windows Explorer.
  • For information about how to audit local registry keys, see “Audit activity on a registry key” in Related Topics.
  • After object access auditing is enabled, view the security log in Event Viewer to review the results of your changes.
  • You can set up file and folder auditing only on NTFS drives.
    If you see the following:

  • In the Auditing Entry for File or Folder dialog box, in the Access box, the check boxes are unavailable …
  • In the Advanced Security Settings for File or Folder dialog box, the Remove button is unavailable
  • …auditing has been inherited from the parent folder.

  • Because the security log is limited in size, select the files and folders to be audited carefully. Also, consider the amount of disk space that you want to devote to the security log. The maximum size for the security log is defined in Event Viewer.

Sursa
2009-02-01 10:00:34



Comenteaza





Ultimele 25 posturi adăugate

21:12:09Hostinger Web Hosting | Starting at $0.80/mo‎ —» Informaţii pentru studenţi !
21:12:07The best offers to Europe and the best offers to Portugal —» Informaţii pentru studenţi !
20:38:42Încă o anonimă despre situaţia din penitenciarele moldoveneşti —» Curaj.TV | Media alternativă
19:22:36Peste 25 ani a venit să ceară banii de la cununia fetei —» Curaj.TV | Media alternativă
15:42:59Republica Moldova între optimism și neputință —» Elena Robu
14:57:03Președintele va urmări personal cum decurg anchetele în cazul omorurilor de rezonanță —» Igor Dodon
14:45:34A fost soluționată problema tranzitării regiunii transnistrene de către automobilele cu numerele moldovenești —» Igor Dodon
11:23:11Străzi şi instituţii vitale, greu accesibile la Ciocana —» Curaj.TV | Media alternativă
10:08:59Premierul Ucrainei și-a dat demisia, după ce ar fi fost înregistrat în timp ce îl critica pe președintele Zelenski —» Elena Robu
09:42:27Geană a găsit păcate şi la Biserica catolică din Alba Iulia —» Curaj.TV | Media alternativă
09:03:07Get the latest fashion clothing online at Fairyseason! All Under 9.99 —» Informaţii pentru studenţi !
09:03:06Best Offers & Deals on Hotels, Flights and Holidays —» Informaţii pentru studenţi !
09:01:42LEV TOLSTOI ÎN MOLDOVA ȘI ȚARA ROMÂNEASCĂ (martie - septembrie 1854) —» Leo Butnaru
07:46:50Despre Ștefan Petrache, talent și…infrastructură culturală —» blog cultural
07:33:1584 Inch Curtains —» Andrei Fornea
07:10:51Liber la compromat sau poate Dodon „slivește” în „presă” info? —» un alt blog
07:10:49Top vânzări 2019. eBook Cartier —» Gheorghe Erizanu
05:15:46Interior Decoration Images —» Andrei Fornea
04:39:50Get the latest fashion clothing online at Fairyseason! All Under 9.99 —» plop andrei
04:06:20Best Offers & Deals on Hotels, Flights and Holidays —» plop andrei
03:45:18Become a Host on Airbnb | Earn Money Hosting Your Place‎ —» plop andrei
03:33:54Două companii importatoare creează, artificial, criză de cartofi în Moldova —» un alt blog
21:33:20S-a plîns la poliţie că am dat-o cu capul de pereţi —» Curaj.TV | Media alternativă
21:19:22Ambasadorul american, cu inspecţie la Guvernul RM —» Curaj.TV | Media alternativă
20:48:39900.000 de imigranţi UE din Marea Britanie ar putea întâmpina probleme după Brexit —» Elena Robu