How to configure alerts for Write/Create Folder

How to configure alerts for Write/Create Folder (Full Version)

All Forums >> [Network Security] >> GFI EventsManager

Message

mobi_khan -> How to configure alerts for Write/Create Folder (13.Jun.2008 10:15:30 AM)
Hi guyz I need your help in the following regards 1. I want to define an alert that in case if a user create a new file or folder I will get the alert about that newly created folder or file and more importantly in case a user make a failed attempt to create new file or a folder. I have configured auditing on that folder and i am getting alert for the take ownership attempt but I am not getting any alert if i add or remove a new user in the access right group or change the access rights settings. I want that I will get these alerts clearly. 2. I configured GFI Event Manager for alert in case a user who is not authorized to access a particular folder. I am getting alert on that "Access refused to existing object - Critical" but the issue is that I am getting at least more then 30 alerts for a single event. I configured the threshold option for 100 in 60 sec and when I tested it for one user “A”I got just one alert but when I tested it from another user's “B” machine I did not get any alert then when I removed the threshold option and tested it I got one alert form that particular from user “B” but on the other “A” machine I tested earlier i got lots of alerts. Please help me in this regard its really urgent.

DrewE -> RE: How to configure alerts for Write/Create Folder (16.Jun.2008 9:20:33 AM)
I believe you are looking for the following knowledge base article for question 1: Auditing file, folder or Registry activity http://kbase.gfi.com/showarticle.asp?id=KBID002902 In regards to question two, I am unsure of the exact circumstances of this issue. Typically, the threshold works to the issue. Is this an issue that one machine needs the threshold value set, but another machine seems like it only generates one event each time?

mobi_khan -> RE: How to configure alerts for Write/Create Folder (18.Jun.2008 9:35:33 AM)
I am still not able to get the desired events. I have selected the audit option for a folder "A" and selected the audit for successful attempt to 1. Change permission 2. Take ownership 3. Create folder/file 4. Appednd data/Write file But I am only getting alert for the take owner ship attempt although I created folder and changed the permission on the "A" folder. Please tell me how I will get exact alert for creating folder/file and change ownership??

DrewE -> RE: How to configure alerts for Write/Create Folder (19.Jun.2008 9:34:52 AM)
Do the other events show up in the Windows Event Log, but not the GFI EventsManager Event Browser?

Page: [1]