![]() |
|
Note: Evaluation downloads are provided for the current version of the software only. Please contact techsupport@greyware.com
if you need an evaluation copy of version 2.4 for use on NT or Windows 2000.
Registered executables of version 2.4 and the Alpha builds are included for download when licenses for the current version are purchased.
If System Change Log is already installed, the Install button will not
be present. Instead, setup will present an Upgrade button.
If older versions of any of the distribution files
already exist on your machine, the program will upgrade them automatically when you
select Upgrade.
In some cases, it may be necessary for you to reboot your machine to complete
installation or an upgrade. If so, you will be prompted to restart.
System Change Log installs to the system directory (usually C:\Windows\system32 or C:\WINNT\system32).
Removal
Upgrading
Command-line Options
To assist with automated installations, the program also supports the /quiet command-line switch.
You may use the /quiet switch in conjunction with /remove, /install, or /upgrade.
When the /quiet switch is specified, the program only displays dialog boxes if errors are encountered;
otherwise, the program performs the requested function and exits immediately. This feature makes it easy to
handle installations or upgrades network-wide with a simple batch file.
Administrative Options and Remote Installation
Examples
Note: For remote installation or removal to work (i.e., specifing a target machine name as in the above two examples
using \\fred and \\barney), both the machine you are working on and the target machine must be logged on under an account that has administrative privileges on the target machine.
Monitored Paths
Important: You should only monitor the drives and paths where you need the information. Monitoring all
activities on all drives can slow down your system and fill up your log files. Adjust the entries in this box to match your monitoring requirements.
Click the Add button to add a specific path or drive to the list of monitored paths.
Click the Remove button to remove the highlighted path or drive.
Click the File Selections button to bring up the Includes and Excludes dialog box:
Included Files
Excluded Paths and Files
Unlike DOS wildcards, you may use more than one wildcard per specification. Click the Help
button for syntax examples.
Tracking Options
Track File Creations:
Track User Information:
Due to the way Windows handles file activity internally, System Change Log can only report the name of a user account
that makes a change if the success reporting function of Windows Files/Folders security auditing is enabled for the monitored path(s).
The process of enabling local security auditing is slightly different for each operating system version.
See these articles from the Microsoft Knowledgebase:
For example, if you want to know the names of people making changes in a folder named
C:\Accounting Data
on a Windows XP system, follow the instructions from Microsoft for enabling overall auditing in the
Microsoft knowledgebase articles mentioned above. In Windows 2K and XP, you first enable overall
Object sucess editing using the Local Security Policy MMC snap-in found in Adminstrative Tools.
Then, using Explorer (or My Computer), right-click on the C:\Accounting Data folder to bring up its Properties and enable the
specific events you want to audit. Your settings screen would look similar to this
(check the boxes for only the types of activity you need):
System Change Log only cares about success events (successful changes to the files), because it only monitors
changes, and an unsuccessful attempt does not result in a change.
Important note: You should only enable auditing for the folders where you need the audit information,
and you should only check the boxes for the kinds of information you really need. Auditing can slow down your system
if it is used excessively, and can fill your event viewer logs with hundreds of records per second on a busy
machine. There's no point in recording information you will never need.
Logging Options
|
My Account |
Contact Us |
Privacy Policy |
Printer-Friendly Version
Copyright © 1995-2023 Greyware Automation Products, Inc. All Rights Reserved
All Trademarks mentioned are the properties of their respective owners.