Can I log file operations (create/modify/delete) in Windows?

windows windows-xp logging

Solution 1:

Yes you can and it's called Auditing. You can audit for succesfull and/or failed attempts. To enable auditing you have to take 2 actions:

  1. Enable auditing by a policy. You have to open local Security Policy (or a policy on a domain) and go to Local Policies -> Audit Policy -> Audit object access. Check either Success or Failed, or both.

  2. Enable auditing on a file or folder Now auditing is enabled, you have to set which files are audited. To do so rightclick on the file or folder that you want to audit and choose properties. Go to the security tab and click Advanced. Here you have to select for which users you want to enable auditing. Next you have to check for with actions you want to enable auditing.

You can find the results in the security eventlog.

Related

Remove a part of a list of names
Routing between two
HDMI to VGA convert
SSH into WSL from another machine on the network
services.exe batters disk writes on startup
Does the RPM of case fans make a big cooling difference?
Why won't my taskbar display on my secondary monitor?
Host and guest suddenly cannot communicate in bridged mode after working fine before
MVC Force jQuery validation on group of elements
How should character arrays be used as strings?
PowerShell, formatting values in another culture
Centering a JLabel on a JPanel