如何在Windows下监控/记录文件对远程文件夹的访问?
[英]How to monitor / log files access to remote folders under windows?
问题描述
I would like to log the name of all the files I access from a particular network share (and the process accessing the the file). 
我想记录我从特定网络共享(以及访问该文件的进程)访问的所有文件的名称。
What are the solutions in C++ / Win32 preferably ? C ++ / Win32中的解决方案最好是什么?
3 个解决方案
解决方案1
2 2008-11-13 23:34:05
You need ReadDirectoryChangesW and the FILE_NOTIFY_CHANGE_LAST_ACCESS notification flag. 您需要ReadDirectoryChangesW和FILE_NOTIFY_CHANGE_LAST_ACCESS通知标志。
I don't think the old FindFirstChangeNotification will work for you as it only notifies on changes, not access, but I've traditionally used that for file/directory notifications. 我不认为旧的FindFirstChangeNotification会对你有用,因为它只通知更改,而不是访问,但我传统上使用它来进行文件/目录通知。
解决方案2
1 2008-11-18 22:44:55
Process Monitor from sysinternals.com can be set up to filter on the path. 可以将sysinternals.com上的Process Monitor设置为在路径上进行过滤。 You can set the path to the UNC you're interested in watching. 您可以设置您想要观看的UNC的路径。
http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx
解决方案3
0 2012-01-18 21:06:37
If it's for after-the-fact, you could use the Windows' security auditing . 如果它是为了事后,您可以使用Windows的安全审核 。
If you need to do it in real-time, then you might need to interface with the Windows message queue and sniff the specific events that interest you. 如果您需要实时执行此操作,则可能需要与Windows消息队列连接并嗅探您感兴趣的特定事件。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.