-
June 29th, 2003, 04:18 PM
#1
Member
How can I log user actions through XP?
I am running win XP pro and I need to know how to log such things as user log on log off times applications run and a few other things. I wanted to know if XP incorporated something like this somewhere, since as of yet I cant find anything. I am not looking to use third party applications which might screw up, but might if it looks promising enough. Thanx in advance guys!
101010 = The answer to liff the universe and everything...
-
June 29th, 2003, 04:32 PM
#2
Hi,
I don't know what your intensions are but for knowing the logon and logoff times from users you can use the event viewer provided with winXP pro , you can even find out which programs are started at what time (but this is not that detailed and not for all applications).
This is offcours only when you have this feature turned on... to turn it on you have to go to control panel -- Administrative tools -- local security policy -- Local policies -- Audit Policy and in the right column turn everything on of that what you wanna monitor.
If you need more detailed info you have to go and search for third party software ...I'm not gonna provide links here because there is some software out there that can be used for malicious practice but a good search through Google will bring you a long way.
Back when I was a boy, we carved our own IC's out of wood.
-
June 29th, 2003, 08:25 PM
#3
**Moved from Antionline: How do I? to Microsoft Security**
-
June 30th, 2003, 04:41 AM
#4
Auditing User Access of Files, Folders, and Printers
The audit log appears in the Security log in Event Viewer. To enable this feature:
Click Start, click Control Panel, click Performance and Maintenance, and then click Administrative Tools.
Double-click Local Security Policy.
In the left pane, double-click Local Policies to expand it.
In the left pane, click Audit Policy to display the individual policy settings in the right pane.
Double-click Audit object access.
To audit successful access of specified files, folders and printers, select the Success check box.
To audit unsuccessful access to these objects, select the Failure check box.
To enable auditing of both, select both check boxes.
Click OK.
Source http://support.microsoft.com/?kbid=310399
Also when I started doing this on my computer I didn't give it a large enough file size so once the logs got full it wouldn't let anybody log on. To fix this right click on my computer then select manage. Then system tools, event viewer you can then right click on the logs and specify log size.
[EDIT] Thats weird, It didn't show me your post cemetric when I first loaded the page[/EDIT]
-
July 3rd, 2003, 06:09 PM
#5
Thats weird, It didn't show me your post cemetric when I first loaded the page
Sorry for the late answer there cheyenne1212 .. I'm still trying to find my way on the site and I'm being carefull of not doing anything wrong .
Also to enlighten the situation about not seeing my post ... this could be due to it being posted during working hours at my job ... I'm trying not to do this to much because I've noticed some problems with that .
Hope this helps. and again sorry for the late answer .
C.
Back when I was a boy, we carved our own IC's out of wood.
-
July 3rd, 2003, 06:31 PM
#6
Also when I started doing this on my computer I didn't give it a large enough file size so once the logs got full it wouldn't let anybody log on. To fix this right click on my computer then select manage. Then system tools, event viewer you can then right click on the logs and specify log size.
by cheyenne1212
This is an easy problem to fix. In event viewer, right click Security and choose properties. On the general tab, select an option for log size (recommended: Clear log manually). At the run prompt type 'regedit' to open registry editor. Change or create the dword value named CrashOnAuditFail in HKLM\System\CurrentControlSet\Control\Lsa. Set it equeal to 0 or delete if it is present. Restart your computer.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|