My dad has all his important files in a folder named "IMP" in E: in Windows 7. I've set auditing object access failure and enabled auditing on the IMP folder and denied read access and delete folder for all other users.
Everything is working fine and I can check the event viewer whenever my dad wants to have a look at the logs. The problem is I am not always present when he wants to have a look at the logs and since he isn't too tech savvy it would be very difficult for him to go to event viewer, filter the log with event id no. 4656, Event Sources: Microsoft Windows security auditing, Task category: File System.
I was wondering if there is an easier way of generating logs for eg. automatically create a notepad file with all those filters once the audit failure triggers.