Enabling File Access Auditing for Web Site Content

In addition to enabling Windows Server 2003 security logs, enable file access auditing for your Web site content. This is a separate step that must be completed to monitor any changes to the files and directories that contain your application and content.

You can enable auditing on a user-by-user basis for each file and directory. However, at a minimum, enable auditing for all users for any successful or failed attempts to do the following:

• Modify or delete existing content.
  
  
• Create new content.
  
  

Tip
Beyond these minimal events, you can audit content for other purposes, such as forensic analysis of intruder detection.

For more information about how to enable file auditing on Web site content and files, see Enable Web Site Content Auditing.