OSSEC might be worth a look. It takes some time to setup, but the config can be rolled out to multiple systems. On Feb 15, 2011 2:45 PM, "Michael Dickey" <[email protected]> wrote: > *crickets....* > > You can dig into Windows audit logs (RTFM, sadly) and tuning them up higher, > but that's a pretty messy job to do. (And spendy, if you dump that into a > SEIM. Or if you have large file servers...) > > You can check into players like Tripwire that do file integrity monitoring > (FIM), but that's a pretty spendy way to do it. > > > I'd echo that lots of people would like to have what you want, and it's a > pretty big no-brainer request that even non-techs can ask. But solving that > issue (windows+file audits+across network+tracked changes) is one of those > Big Elephants sitting in the room. > > > > > On Fri, Feb 11, 2011 at 8:04 PM, Gibson, Samuel <[email protected] >wrote: > >> Hello, >> >> Does anyone have any recommendations as to a windows client that can >> monitor users access to files and folders on both the user's machine and the >> domain? We would like to have a record of what was touched, when it was >> touched, and potententially what was changed. >> >> Thanks, >> Samuel Gibson >> >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >>
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
