I need help in Custom Reporting

Advertisement
Hi,
i need help in auditing, SCOM 2012 R2 is deployed in 2 servers with ACS, i have 2 file server that has some shared folder in which users work on some certain document i need to have a report that i can run on certain file that will show me who access that
file when he access what he did like (read write, delete). i don't think we have this type of capability in default report. let me know if someone can help me in that. (free/paid) i know its a bit customized. let me know if u need any more info.
Syed Kasif
Advertisement

Replay

Hi,
As far as I know, to audit file access, we should Enable Audit Policy, and then Set up Audit System Access Control List (SACL).
After that, we can make sure that under security event logs there are auditing logs for file access.
Please refer to the below link for more details about auditing file access on file server:
http://blogs.technet.com/b/mspfe/archive/2013/08/27/auditing-file-access-on-file-servers.aspx
And for Collecting Security Events Using Audit Collection Services in Operations Manager:
http://technet.microsoft.com/en-us/library/hh212908.aspx
Regards,
Yan Li
Regards, Yan Li