gadzail 1 Posted October 23, 2007 Hi all, I would like to create a service that run on a server to intercept the users command that delete file (or move) on a specific folder. This help me to create a log file of these events in case of an accidentally delete (or move) of an important file so I can try to restore or at least I could know what happened. Is it possible? I know how to create the service but I don't know how to intercept these events. I didn't find a solution on the forum (but maybe I didn't search with the right words). Thanks. Share this post Link to post Share on other sites
PsaltyDS 41 Posted October 23, 2007 Hi all,I would like to create a service that run on a server to intercept the users command that delete file (or move) on a specific folder.This help me to create a log file of these events in case of an accidentally delete (or move) of an important file so I can try to restore or at least I could know what happened.Is it possible?I know how to create the service but I don't know how to intercept these events.I didn't find a solution on the forum (but maybe I didn't search with the right words).Thanks.Go into Local Security Policy (assuming this is not an AD domain), Audit Policy, and enable auditing of object access. The go to the security tab on that file and/or directory and then hit the Advanced button. On the Advance Security Settings dialog, select the Auditing tab and add the required auditing events. Anything you configure to be audited will be logged to the Event Log. Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law Share this post Link to post Share on other sites
gadzail 1 Posted October 24, 2007 Go into Local Security Policy (assuming this is not an AD domain), Audit Policy, and enable auditing of object access. The go to the security tab on that file and/or directory and then hit the Advanced button. On the Advance Security Settings dialog, select the Auditing tab and add the required auditing events. Anything you configure to be audited will be logged to the Event Log. Many thanks Share this post Link to post Share on other sites
ptrex 162 Posted October 24, 2007 @all Look in my signature for "File Monitor". Enjoy !! regards ptrex Contributions :Firewall Log Analyzer for XP - Creating COM objects without a need of DLL's - UPnP support in AU3Crystal Reports Viewer - PDFCreator in AutoIT - Duplicate File FinderSQLite3 Database functionality - USB Monitoring - Reading Excel using SQLRun Au3 as a Windows Service - File Monitor - Embedded Flash PlayerDynamic Functions - Control Panel Applets - Digital Signing Code - Excel Grid In AutoIT - Constants for Special Folders in WindowsRead data from Any Windows Edit Control - SOAP and Web Services in AutoIT - Barcode Printing Using PS - AU3 on LightTD WebserverMS LogParser SQL Engine in AutoIT - ImageMagick Image Processing - Converter @ Dec - Hex - Bin -Email Address Encoder - MSI Editor - SNMP - MIB ProtocolFinancial Functions UDF - Set ACL Permissions - Syntax HighLighter for AU3ADOR.RecordSet approach - Real OCR - HTTP Disk - PDF Reader Personal Worldclock - MS Indexing Engine - Printing ControlsGuiListView - Navigation (break the 4000 Limit barrier) - Registration Free COM DLL Distribution - Update - WinRM SMART Analysis - COM Object Browser - Excel PivotTable Object - VLC Media Player - Windows LogOnOff Gui -Extract Data from Outlook to Word & Excel - Analyze Event ID 4226 - DotNet Compiler Wrapper - Powershell_COM - New Share this post Link to post Share on other sites
