28. 08. 2012 Tobias Goller NetEye

File access monitor

Many companies use shared directories or files to allow different users to access the information and if necessary modify them.

When I am on customer site implementing new NetEye projects, it happens very often that there is the need to monitor the accesses on these shared files.

To satisfy this requirement it is necessary  to enable the “Audit Object Access” in the group policy of the domain or of the machine itself.
Based on the different configurations, in fact, all the activities (listen, read or write) performed on these files can be monitored.

The results can later be viewed in the Event Viewer of NetEye and in particular all the logs are stored in the security container. In addition, by identifying the event id it is also possible to configure the Agent Safed that collects and send these logs to the NetEye syslog server that archives and indexes them.

Tobias Goller

Tobias Goller

NetEye Solution Architect at Würth Phoenix
I started my professional career as a system administrator. Over the years, my area of responsibility changed from administrative work to the architectural planning of systems. During my activities at Würth Phoenix, the focus of my area of responsibility changed to the installation and consulting of the IT system management solution WÜRTHPHOENIX NetEye. In the meantime, I take care of the implementation and planning of customer projects in the area of our unified monitoring solution.

Author

Tobias Goller

I started my professional career as a system administrator. Over the years, my area of responsibility changed from administrative work to the architectural planning of systems. During my activities at Würth Phoenix, the focus of my area of responsibility changed to the installation and consulting of the IT system management solution WÜRTHPHOENIX NetEye. In the meantime, I take care of the implementation and planning of customer projects in the area of our unified monitoring solution.

Latest posts by Tobias Goller

16. 04. 2025 NetEye, Unified Monitoring
Application Performance Monitoring in NetEye with Elastic APM and OpenTelemetry
20. 01. 2025 NetEye
Icinga Director Self Service API Not Working After Keycloak Activation
25. 10. 2024 Log-SIEM
Enhancing Cybersecurity with Elastic Defend: A Technical Consultant’s Perspective
28. 08. 2024 Unified Monitoring
ntopng Updates
08. 07. 2024 Unified Monitoring
Collecting Netflows – ntopng vs. ElastiFlow
See All

Related Content

Tags: , , , ,

31. 03. 2025 NetEye, Service Management

Improving Your Backup of MariaDB

Choosing the right backup solution is critical for system administrators and IT professionals. The upcoming NetEye 4.41 version will bring an update to MariaDB, moving from version 10.3 to 10.11. This makes it especially timely to explore the opportunities offered Read More
30. 03. 2025 NetEye, Unified Monitoring

Cron Job Monitoring with Tornado

In NetEye environments we use Tornado to collect events, elaborate on them, and send notifications based on them from a lot of sources (syslog, email, SNMP traps and so on). In this article I'd like to suggest a different use Read More
26. 03. 2025 Development, NetEye

Upgrading MariaDB within NetEye 4.41: Enabling a Feature-Rich Future

As technology continually evolves, keeping our software stack up to date is essential for performance, security, and access to new functionalities. In this post, I want to share how we upgraded MariaDB from version 10.3 to 10.11 as part of Read More
21. 03. 2025 NetEye, Unified Monitoring

How to Create a Serial Modem Emulation Service on NetEye

In some test or development environments, you may need to simulate the presence of GSM modems without having an actual physical device. This can be useful for example when testing monitoring checks, SMS management systems, or creating new notification rules. Read More
11. 02. 2025 Development, Events, NetEye

Podman Quadlet: Simplifying Container Management with systemd

Just like last year, we had the wonderful opportunity to attend FOSDEM, the most important open source conference in Europe. This year was no exception, and among the many exciting talks, one that particularly caught my attention was Alex Stefanini’s Read More

One Reply to “File access monitor”

  1. Antonio Moletta says:
    August 29, 2012 at 07:24

    Hi Tobias, I’m working on this solution but unfortunately Syslog View doesn’t send notifications.

    Of course, it’s a really good repository to store audit events.

    I’m trying a different way like enabling snmp trap on the server and manage the “Audit Object Access” with Trap Handler module in NetEye.

    It works quite good!

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Search by technology

Contact

Contact us
Serviceportal

Archive