Questions tagged [audit]

Observing/logging a resource for purposes of:
- Adding it to a blacklist or whitelist
- Keeping tabs on the security of a system

325 questions
0 votes, 1 answer

What's the meaning of parameter Priority_boost

I have searched the web for answers to this. In auditd configuration file auditd.conf there is a parameter priority_boost. The RedHat manpage says: priority_boost This is a non-negative number that tells the audit daemon how much of a priority boost…
0 votes, 1 answer

Windows Server 2019 auditing removed as soon as applied

I've got a Windows Server 2019 domain controller with a GPO applying auditing on logon events. RSOP shows it is applied, however, if I look at the event logs, the moment it applies I can see that it is removed by SYSTEM. Why is this happening? How…
0 votes, 1 answer

Monitoring users logged in with SSH-CA (certificates)

I was hoping to get some help with an approach that could be used... I am building out a solution that will use SSH-CA (that is, SSH where authentication is done via certificates). Flow is simple: 1) User generates key pair 2) Authenticates with HSM…
Woodstock
0 votes, 2 answers

How to verify if an e-mail was really sent?

A customer states that an email was received from Bob. Bob claims that the email was never sent. How can I verify which side is lying? If both sides have on-premises email servers (e.g. Exchange Server), is this even possible? EDIT I'm assuming both…
ivarec
-1 votes, 2 answers

Group Policy to enable file audit

What am I missing here? I'm trying to enable file auditing so I can see who deleted a file via security logs in event viewer. I created the below group policy Computer Configuration > Windows Settings > Local Policies/Audit Policy > Audit Object…
-1 votes, 1 answer

Set up auditing on Windows Server 2012 R2: logging on, logging off, open, read, write, etc. (Successes and failures)

I have enabled auditing on Windows Server 2012 R2 (domain controller) but, like warned, there are just way too many events being generated and it really doesn't tell me anything or is just too troublesome to look through. The events I want to audit…
riahc3
-1 votes, 2 answers

How to monitor and list modified files server wide for brief periods of time?

I would like to, from time to time, enable server-wide file monitoring that will show me all files being modified, updated and created while I have it running and thus simply spewing forth a list of files modified until I hit control-c. This is…
ylluminate
-1 votes, 1 answer

Where do I see a log of user connections to PC in Windows Server 2008 Event Log Viewer?

Event Log Viewer is listing a bunch of info, but where am I supposed to see the list of user connections to PC in Windows Server 2008?
user46250
-1 votes, 1 answer

SQL Server 2008: how do you set up a trace on a specific database?

I am trying to use SQL Server Profiler to trace all the SQL statements on a specific database. Is this possible to do?
Alex Gordon
-3 votes, 1 answer

Sysprep Forever

I want to use Windows in Audit Mode without continuing the Windows installation. Because: It's clean and fast, no Metro and other packages. It's the built-in Administrator; full permission (elevated), no annoying UAC prompt and no fail of startup…