0

recently I have created a share folder (in windows8) in my organization where everyone has to submit their work. But later I found some one deleting files of others.

From now onward I want keep an eye on the shared folder. Is there any way to save the logs in shared folders. I tried using windows event logs but I am not able to find what I want.Please some one help me.

Pawan
  • 423
  • 6
  • 28

1 Answers1

0

Windows may log certain authentication events in the Security event-log, however this will only contain useful information if you used local user accounts and gave each person their own local user account (but if you did that, you could prevent them from deleting each others' files).

However Windows does not log SMB share file activity. The Shares list in MMC/Computer Management only lists currently active/open shares too.

All I can suggest is to avoid this from happening in future by either tightening security by creating user-accounts for each person and giving them their own shared directory which only they (and you) have write-access to. Another alternative is to have a program running in the background on your computer that monitors the shared folder for new files and when it detects a file has been placed it moves it away to an inaccessible directory elsewhere.

Dai
  • 141,631
  • 28
  • 261
  • 374
  • Is there any way for me to find from which system (in the LAN) the file or folder was deleted?? – Pawan Sep 04 '15 at 05:53
  • @Pawan No. As I said, Windows does not log SMB activity. – Dai Sep 04 '15 at 06:26
  • Windows can be configured to log all file system activity (including, AFAIK, activity that originated over SMB) but it is not on by default. – Harry Johnston Sep 05 '15 at 02:29