Server 2008 R2: File Audit...

Discussion and support for the Windows family of operating systems.
Post Reply
Anakha56
Forum Administrator
Posts: 22136
Joined: 14 Jun 2004, 02:00
Processor: Ryzen 1700K
Motherboard: Asus X370
Graphics card: Asus 1060 Strix
Memory: 16GB RAM
Location: Where Google says

Server 2008 R2: File Audit...

Post by Anakha56 »

Morning All,

So I need to audit our file server for illegal file types namely mp3's, avi's, mpegs and so on. Does Server 2008 R2 have a built-in way (besides Windows key + F) to do this sort of thing? It needs to go into detail as to show which profile has these items and allow me to export the results into a CSV file. We used to use Network Searcher but since we have moved to Win2k8 R2 this app is no longer supported. Was wondering if anyone has any other methods or software to use?

Thanks for any help, even hamin_aus cynical comments are helpful as is the condescending posts by rusty :P.
JUSTICE, n A commodity which is a more or less adulterated condition the State sells to the citizen as a reward for his allegiance, taxes and personal service.
User avatar
rustypup
Registered User
Posts: 8872
Joined: 13 Dec 2004, 02:00
Location: nullus pixius demonica
Contact:

Re: Server 2008 R2: File Audit...

Post by rustypup »

File Server Resource manager..
WinDirStat..

powershell script with a foreach list of extensions?...

or Ctrl+A>Shift+Del>Enter :lol:

as mentioned, i can defeat your l33t surch ski11z by simply changing the extension... take that, fascist!

a reliable tool that scans both the extension and the file header/footer i have yet to meet..
Most people would sooner die than think; in fact, they do so - Bertrand Russel
Anakha56
Forum Administrator
Posts: 22136
Joined: 14 Jun 2004, 02:00
Processor: Ryzen 1700K
Motherboard: Asus X370
Graphics card: Asus 1060 Strix
Memory: 16GB RAM
Location: Where Google says

Re: Server 2008 R2: File Audit...

Post by Anakha56 »

Actually this looks good...

http://www.voidtools.com/

Can do everything I want it to. Our users are not that clever so yeah...

rusty you could try this one, works with md5 hashes...

http://funk.eu/smf/
JUSTICE, n A commodity which is a more or less adulterated condition the State sells to the citizen as a reward for his allegiance, taxes and personal service.
User avatar
hamin_aus
Forum Moderator
Posts: 18363
Joined: 28 Aug 2003, 02:00
Processor: Intel i7 3770K
Motherboard: GA-Z77X-UP4 TH
Graphics card: Galax GTX1080
Memory: 32GB G.Skill Ripjaws
Location: Where beer does flow and men chunder
Contact:

Re: Server 2008 R2: File Audit...

Post by hamin_aus »

I see rusty already mentioned File Server Resource Manager... read up on that.

If you aren't running file services on your file server, commit ritual suicide.
If you are, even if you arent using screening you can still pull reports.

But first get a notoriously ill-tempered senior manager (or executive) to send a mail out to all users that on XXXX date IT will be conducting an audit of all illicit files on the servers - make sure to list what these file-types are - audio and video like MP3, WMV, WMA, AVI, MPG etc
Let them know that IT is able to see who copied the file on there and who last accessed the file (so lie) and that people who have copied these files onto the server will be harshly dealt with.
Image
Anakha56
Forum Administrator
Posts: 22136
Joined: 14 Jun 2004, 02:00
Processor: Ryzen 1700K
Motherboard: Asus X370
Graphics card: Asus 1060 Strix
Memory: 16GB RAM
Location: Where Google says

Re: Server 2008 R2: File Audit...

Post by Anakha56 »

jamin_za wrote:On a 2008 R2 server running File Services you can use this to run a report on all file types and their usage.

Also this would have prevented your issue in the first place.

If you arent running file services on your file server, commit ritual suicide.

But first get a notoriously ill-tempered senior manager (or executive) to send a mail out to all users that on XXXX date IT will be conducting an audit of all illicit files on the servers - make sure to list what these file-types are - audio and video like MP3, WMV, WMA, AVI, MPG etc
Let them know that IT is able to see who copied the file on there and who last accessed the file (so lie) and that people who have copied these files onto the server will be harshly dealt with.
We have done this sort of thing in the past so the users are aware of it. You are right, it probably would be a good idea to let them know first...

As for your links, reading them now. I was not aware of file screening on Server 2008 to be honest and as for Storage Reports, never played with it :oops:. Thank you oh mighty hamin_aus! Your services have enlightened me and helped me :).
JUSTICE, n A commodity which is a more or less adulterated condition the State sells to the citizen as a reward for his allegiance, taxes and personal service.
Post Reply