Yeah, the auditing needs some supervision, you can
use a script to read the file every 6 hours or so. Basically move the current file, create a new one,
and rename the old in a date-time.txt format. Then parse it for what you’re
looking for and spit out some basic custom XHTML page (or xml). That wouldn’t
be too bad of a _vbscript_ especially with regular _expression_ searches. Or you could use some other kind of log processor/web
stats package (sawmill log analyzer supports a lot of formats) instead of
creating a custom solution. I think you can limit some of the entries in auditing
by picking certain usernames to watch, haven’t really used it a whole
lot, but it’s damn useful. Web stats will only show you connections to
the file by IIS, whereas auditing will show you every access from a particular
username. I would google it some, just to see what kinda options are out there
for using it, might be some filters you could include or something of the like. Thanks, Shaun ----------------------------------------------------------- "Internet/Technology Solutions for
Business and Government" From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Goran Jovanovic It is a dev/staging server running in a
virtual server environment so I have to be a bit careful what I turn on or
don’t. I tried the auditing a file. Wow talk
about generating Security Event Log records. I turned auditing on for two files
bginfo.exe and its corresponding config.bgi file. Then I ran it to generate the
background on file server. That simple little thing created 15 log entries. If we turn this on we are going to need
something to parse the security log file as I can see that it is going to
produce a HUGE amount traffic in there. Goran Jovanovic Omega Network Solutions From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of You could also enable auditing in Windows to examine
file level access, just r-click on any file/folder and select properties, click
on the security tab then click advanced then click on the auditing tab. WARNING: auditing a lot of high-use files could
strain the server That being said, your on a dev server so it should be
alright, though I would keep the number of files you’re auditing to a
minimum or as small a group as possible Thanks, Shaun ----------------------------------------------------------- "Internet/Technology Solutions for Business
and Government" From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Darin Cox Source code activity would be best
analyzed with Visual SourceSafe or another code control system. For
watching use of the sites for testing, etc. just enable logging for the virtual
webs and run reports on the web traffic.
----- Original Message ----- From: Goran Jovanovic Sent: Wednesday, May 31, 2006 2:35 PM Subject: [Declude.JunkMail] OT: Monitoring/Auditing a Windows Server Hi All, This is definitely an off topic question. I have a client that wants to monitor what
their outsourced developers are doing. The development is taking place in IIS,
.Net Application Server and SQL 2000. They want to know generally speaking what
they are doing. Are the development servers being used/tested? Would not have
to report on what exactly is being changed etc but some sort of activity
report. Does anyone know of anything that can
report on this type of activity. Thanks Goran Jovanovic Omega Network Solutions |
- [Declude.JunkMail] OT: Monitoring/Auditi... Goran Jovanovic
- Re: [Declude.JunkMail] OT: Monitori... Darin Cox
- RE: [Declude.JunkMail] OT: Monitori... Shaun Mickey
- RE: [Declude.JunkMail] OT: Monitori... Goran Jovanovic
- Re: [Declude.JunkMail] OT: Moni... Darin Cox
- RE: [Declude.JunkMail] OT: Monitori... Goran Jovanovic
- RE: [Declude.JunkMail] OT: Moni... Robert E. Spivack
- RE: [Declude.JunkMail] OT: ... Harry Vanderzand
- RE: [Declude.JunkMail] OT: Monitori... Shaun Mickey
- RE: [Declude.JunkMail] OT: Monitori... Goran Jovanovic
- RE: [Declude.JunkMail] OT: Moni... Robert E. Spivack
- RE: [Declude.JunkMail] OT: Monitori... Dave Marchette
- RE: [Declude.JunkMail] OT: Monitori... Jay Sudowski - Handy Networks LLC
- RE: [Declude.JunkMail] OT: Moni... Kevin
- [Declude.JunkMail] Windows ... Kevin
- Re: [Declude.JunkMail] ... R. Lee Heath
- Re: [Declude.JunkMail] ... Ncl Admin
- RE: [Declude.JunkMail] ... William Stillwell
- RE: [Declude.JunkM... Kevin