IT Employment

General discussion


Audit Trails - Object Access

By ajobrien ·
I work for a HIPAA covered entity and have a question regarding Audit trails. Using the local security policy, I have set up object access auditing on our shares. The problem is that the logs are huge and cumbersome. At this point, I am saving and clearing the logs daily and once per month, burn them to a cd.

How are others handling this? Are their any 3rd party applications that can help me manage this task more efficiently? My agency is non-profit therefore cost is an issue.


This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

by lowlands In reply to Audit Trails - Object Acc ...

There is a utility called "eventsave" that might help you. It used to be free but it looks like they now charge small fee.

Another option is to write and schedule a vbscript that'll do the trick. Look her for some info:


Collapse -

by talukdar_m In reply to Audit Trails - Object Acc ...

We're using ntsyslog (Check SourceForge) to send the logs to a Linux FC4 box which can hold upto 8 devices logs. just needs lots of HD space for that--but it can all be rotated and cleared oout as needed.

As for checking through them, you can use grep to find what you're looking for(eg eventid xyz-user deletion of files etc).
Then space on the server can be freed up because the log also lives somewhere else and the logs on the server can be set to delete after a month or so.

Collapse -

by jettagls00 In reply to Audit Trails - Object Acc ...

You could try using some type of document management software to manage the files that are being accessed. With most document management softwares there is an audit trail for each document which is very deatiled. It will also help you streamline your processes to make your day more eficient. Send me an email if you would like more info.

Related Discussions

Related Forums