Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Can native OS tools enable file-access auditing?

Our systems management expert explains how to set up file-access auditing using native tools in Windows and where third-party tools fit into the file-access auditing process.

I've read somewhere that file-access auditing can be enabled and subsequently reported using native OS tools, rather than third-party tools. Is this correct? Or is a third-party solution required to determine who accesses what and when on a Windows server?
The native OS has the ability to audit file objects and can report successful and failed attempts to access an object. It then places those reports into the system security event log.

This article explains how to use Group Policy to apply or modify auditing policy settings for an object.

Once you've set this up, locate a utility that can send you the specific security events that appear in the server you're auditing (or do some scripting if you know how). I suggest the EventSentry Light utility from Event Sentry. This freeware program runs without time limitations and allows you to specify the events to send your way.

Dig Deeper on Windows Server troubleshooting

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.