Free Windows Network User Accounting

Well, I've been trying to find an affordable, easy to use, Security Event Management (SEM) system for my customers, and have had absolutely zero luck. Apparantly, affordable, easy to use, and SEM only occur in the same sentence on my blog. Systems I looked into costed from around $1,000/year (this is for 10 PC's and a server) to upwards to $100,000 (I didn't look at that one for long), and seemed overwhelming to say the least. What I need is a system that does a few things:

1. Tells me who logged onto which computer, when, and when they logged off.
2. Tells me if somebody logged on during a time they do not typically log on, or if someone used a computer that they don't normally use.
3. Watches a few directories on the server, and lets me know which and when files are accessed, changed, or deleted.
4. Is simple enough to use that any Business Office Manager or Facility Admnistrator can use it.

WISH ME LUCK.

Actually, the title of this post is my first glimmer of hope that I may be able to cobble together this solution from freeware and Open Source components.

Free Windows Network User Accounting is a PHP-based system that works on any server that has Exchange or Apache (Windows or otherwise!). The downside is that noobs will not necessarily enjoy installing PHP in their servers, which is a requirement to run this app. Next up, one will need a way to run scripts on Windows machines at logon and logoff (Hello Group Policy!). And finally, you will need to figure out how to add a new directory to your internal web server. I spent roughly three hours making this work, but it works great! My one complaint (aside from the difficulty of installation) is that the page takes a noticeable amount of time to render, but that may be due to some misconfiguration on my part, as this was the first PHP server I had set up.

Later, I'll share the FREE installed software auditing apps I've found. One works remotely, and one works locally.