During my IT career so far, there have been several occasions where we had to implement some kind of file system monitoring software in order to track employees who were trying to access confidential data without authorization.
Windows has a built in feature whereby you can audit file access or file modifications, but it’s a pain in the butt to implement and trying to drudge through the millions of events Windows generates is close to impossible.
Apparently someone else had this problem and decided to write a program that allows you to easily monitor specific folders on your computer, track only the events you want to track and generate pretty looking log reports that can be easily digested.
DirMonitor is a nifty little program that tracks files changes, tracks folder changes, and runs in the background so it won’t be noticed. DirMonitor is part of a set of utilities, but when you go to install it, you can just choose DirMonitor.
To start using the program to monitor system changes, choose Create a new setting list and press Next.
Now click Add Folder and choose the folder you want to monitor. You’ll also see a bunch of other options, including the option to monitor sub-folders.
You can monitor file name changes, folder name changes, file attribute changes (hidden, compressed, etc), file size changes, file creation time changes, last file save time and last file access time changes, and finally security descriptor changes (changes to the file permissions).
If you are only trying to monitor a certain type of file, like an Excel Spreadsheet, etc, you can enter the file type in to the Filter for Files box. Make sure to enter the file types like this: *.PDF, *.XLS, etc. You have to put the * and the . before the file extension in order for it to track correctly.
Click Next and choose a directory where you want to store the HTML report and then click Start. Now you’ll see a window that will be showing any changes that are made in real-time. To hide the screen, press the Iconic mode button and the screen will be minimized to the system tray, but still monitoring changes.
Here are the results in the screen once I changed the name of a PDF file in the directory I was monitoring:
When you are finished, just press the Stop button and you’ll be given the option to view the HTML report or Save settings. You can save the settings if you want to monitor the same folder at a later time.
Overall, it’s a simple, yet very useful, file monitoring program for beginners. It’s obviously not too hard to turn off considering it runs in the system tray, so it’s not something to use against tech-savvy people. Enjoy!
DirMonitor is being reported as a Trojan Horse.