Audit File Share

As Windows enables you to track and monitor access to files and folders on the server, I will walk you through the process of enabling File Share Auditing on Windows Server in this video. Unauthorized access attempts, file modifications, and deletions are identified by turning on auditing. It is crucial to enable file and folder auditing on a Windows file server because this information is crucial for identifying security breaches. On a Windows file server, there are two steps to enable file and folder auditing. These are

Procedures
The first step is to enable the Audit Object Access feature on the group policy by creating a GPO and applying it to the users you want to monitor or to all domain users. The second step is to configure the shared folder or file so that you can track access to this folder; to make this easier for you to monitor, you must configure the audit settings for files and folders.
- Set up Group Policy to allow Audit Object Access path: Under Computer Configuration, select Policies, Windows Settings, Security Settings, Advanced Audit Policy Configuration, Audit Policies, and Object Access.
Enabling the Audit Object Access policy
To check its box, click "Define these Policy Settings."
In the "Success" and "Failure" boxes, check both.